Vacancy expired!
- Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
- Lead logging enrollments from multi-tier and Cloud applications into the logging platforms
- Engineer, configure and deploy Enterprise SIEM/SEM solutions such as QRadar, Splunk, Sumologic, ELK
- Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
- Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements
- 5 or more years of relevant work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD
- One or more of AWS, Azure, or Google Cloud Platform Certifications
- Strong knowledge of networking protocols and cybersecurity best practices in a cloud environment
- Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing
- Experience with deploying and managing large SIEM deployments
- Excellent understanding of enterprise logging standards, with a focus on application logging
- 5+ years of experience with Splunk, ArcSight, Sumologic and/or QRadar SIEM systems
- Advanced knowledge of content creation concepts and best practices
- Excellent understanding of regular expressions, development of custom/flex Parsers
- Excellent Python and Unix Shell scripting skills
- Experience with cloud service providers, including AWS, Azure, or Google Cloud Platform
- Solid understanding of the following AWS services: EC2, ECS, IAM, CloudWatch, Lambda, RDS, CloudFront, S3, Route53
- Excellent understanding of log/event flow from numerous services within AWS and Google Cloud Platform, and experience integrating them with third-party logging tools such as Splunk, Sumologic and Elastic Cloud
- Experience implementing and optimizing cloud infrastructure in line with DevOps best practices and AWS/Google Cloud Platform best practices and principles