Senior Cybersecurity Analyst - SIEM SME

25 Jun 2024

Vacancy expired!

A leading NYC academic medical center is looking for a Senior Cybersecurity Analyst - SIEM SME for a contract to hire role in NYC.

Please note: This position will require onsite work.

Minimum Qualifications

  • Bachelor's degree with a focus in Information Security, Computer Science or Computer Engineering
  • Demonstrated experience managing a SIEM within an enterprise-level information security program
  • Familiarity with data lakes or big data technologies and integrations is desired

Knowledge & Experience

  • 3+ years of experience installing, configuring, and using Splunk for an enterprise environment
  • Expert knowledge in using logging platforms for diagnostics, forensics, and threat detection
  • 3+ years of recent operational experience in Security Operations Centers or Incident Response team
  • 3+ years with threat intelligence tools (Anomali) and endpoint security tools (e.g. Crowdstrike, Cylance)
  • Understanding of the TCP/IP networking stack and network technologies.
  • Experience with tools such as Proofpoint, Domain Tools, VirusTotal, Wireshark, Snort, NMAP.
  • Excellent technical knowledge of Linux and Windows operating systems and scripting languages - PHP, Python, Perl, Bash
  • Knowledge of data lake technologies such as Hadoop
  • Familiarity with technologies such as VPN, Active Directory, Virtualization Platforms, Cloud Platforms
  • Ability to correlate technical information from threat intelligence sources and other disparate security systems to draw conclusions about incidents.
  • Strong understanding of industry security best practices and standards.
  • Experience with building and using security platforms

Personal Attributes

  • Highly self-motivated and self-directed
  • Able to solve issues independently under tight timelines
  • Proven analytical and problem-solving abilities. Able to think out of the box.
  • Ability to effectively prioritize and execute multiple tasks in a high-pressure environment.
  • Good written, oral, and interpersonal communication skills.
  • Ability to conduct research into IT security issues and products as required.
  • Ability to present ideas in business-friendly and non-technical language.
  • Keen attention to detail.
  • Team-oriented and skilled in working within a collaborative environment.

Preferred Qualifications

  • CISSP
  • Splunk Enterprise Certified Admin
  • Splunk Enterprise Security Certified Admin
  • Experience with SIEM, Anomali, Proofpoint, Crowdstrike, Cylance

Responsibilities

  • Serve as the subject matter expert for security monitoring and visibility and lead support person for the team's SIEM platform
  • Define, maintain and continuously improve the technical roadmap and architecture for the SIEM platform
  • Research and develop detection, monitoring, and automated response capabilities and use cases to improve operations
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of observed attacks.
  • Responsible for identifying and onboarding log sources to support monitoring, detection, and response.
  • Assist in the construction of correlation alerts in response to new or observed threats within the enterprise
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Provide first level and on-call support to analyze and triage potential incidents.
  • Assist with projects that focus on enhancing detection and incident response capabilities and other improvements to the technologies used by the team.
  • Support, administer, and fine-tune other in-place security solutions for efficient and appropriate operations.
  • The Senior Analyst will be a key member of the IT Security team responsible for performing critical functions within the Cyber Threat and Incident Response discipline.
  • The main function is to use techniques and SIEM tools to create useful intelligence to detect threats in the environment.
  • The Senior Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

About us: QED National is a leading IT consulting, solutions, and staff augmentation firm, serving both the public and private sectors for over 29 years. Headquartered in midtown Manhattan, QED National's team is comprised of the brightest minds in the industry with the skills to solve the most complex technological problems.

  • ID: #43609871
  • State: New York (New York City 10008, USA)
  • City: New York City
  • Salary: $145000.00 - $145000.00 per annum
  • Job type: Contract
  • Showed: 2022-06-25
  • Deadline: 2022-08-24
  • Category: Et cetera