Security Engineer – SIEM Engineer

Keywords / Skills : Security Engineer

4 - 8 years
Posted: 2019-11-17

Industry
ITES/BPO
Function
IT/Software Development - Systems/EDP/MIS
IT
IT/Software Development - System Programming/Middleware
Role
Security Analyst
Education
Bachelor's Degree
Posted On
17th Nov 2019
Job Ref code
127439
Job Description
Security Engineer – SIEM Engineer
Position Description

This Security Incident & Event Management (SIEM) Engineer will be sought out as a technical expert. The successful candidate will lead a vendor security team of analysts around the globe in a 24x7 environment, and will be a knowledgeable, hands-on technical specialist, handling the escalation of complex and detailed technical work necessary to provide comprehensive SIEM monitoring and threat detection, and coordinating incident response within the organization. Mentoring and training of fellow team members is expected as a means of information sharing and skill enhancement for the team as a whole. The continual enhancement and development of organizational processes and standards are also key components of this role. This person will report to the Security Operations Manager as part of our Cyber Defense team and liaise with the Optum Enterprise Security Incident Response Team (SIRT).

Primary Responsibilities:

·Lead on a vendor team of analysts charged with threat monitoring, content development, and incident response support; serve as an escalation resource and mentor for other SOC analysts
·Monitor and analyze attempts to compromise security controls; identify and investigate suspicious activity and report the results of the analysis.
·Escalate issues to Enterprise SIRT teams.
·Review SIEM and SBDL logs to identify and report possible security issues.
·Perform investigations and escalation for complex or high severity security threats or incidents
·Work with SIEM Engineering and other security partners developing and refining correlation rules
·Author and coordinate security status reports to provide system status, report potential and actual security violations and provide procedural recommendations
·Participate in knowledge sharing with other team members and industry collaboration organizations to advance the security monitoring program
·Ensure that Service Level Agreements are defined, tracked and met across SIEM
·Develop and support strategic plans and projects to meet Global Security and SOC goals and objectives
·Drive execution of daily, weekly, and monthly metrics for statistical threats and KPIs
·Part of a 24x7 team equipped with unique expertise and tools to monitor, triage, analyze, escalate and remediate potential threats and vulnerabilities
·Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.
·Maintain a solid working knowledge of Information Security principles and practices.
·Coordinate evidence/data gathering and documentation and review Security Incident reports
·Provide recommendations for improvements to the Company's Security Policy, Procedures, and Architecture based on operational insights
·Own the product roadmap for all SIEM and log management products

Requirements

To be considered for this position, applicants need to meet the qualifications listed in this posting.
Required Qualifications:
·Bachelor’s or equivalent Degree in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience
·5 or more years of technical experience in Information Security
·Proven technical leadership experience
·The ability and willingness to participate in a rotational 24x7 On-Call support
·Knowledge of industry recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.)
·Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
Preferred Qualifications:
·Experience with network monitoring in a SOC environment
·Security certifications (e.g. Security+, GCIA, GCIH, CEH, CFCE, OSCP, etc.)
·Experience and knowledge conducting cyber threat analysis originating from phishing emails
·Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
·Development experience in one or more of the following: C++, Python, PS, Bash, or Java