Senior SIEM Engineer

01 Dec 2024

Vacancy expired!

Job Description

Our client is seeking a SIEM Engineer who will support and develop SIEM implementations deployed across their cloud infrastructure.

Job Duties
  • Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
  • Lead logging enrollments from multi-tier and Cloud applications into the logging platforms
  • Engineer, configure and deploy Enterprise SIEM/SEM solutions such as QRadar, Splunk, Sumologic, ELK
  • Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements

Required Qualifications
  • 5 or more years of relevant work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD
  • One or more of AWS, Azure, or Google Cloud Platform Certifications
  • Strong knowledge of networking protocols and cybersecurity best practices in a cloud environment
  • Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing
  • Experience with deploying and managing large SIEM deployments
  • Excellent understanding of enterprise logging standards, with a focus on application logging
  • 5+ years of experience with Splunk, ArcSight, Sumologic and/or QRadar SIEM systems
  • Advanced knowledge of content creation concepts and best practices
  • Excellent understanding of regular expressions and development of custom/flex parsers
  • Excellent Python and Unix Shell scripting skills
  • Experience with cloud service providers, including AWS, Azure, or Google Cloud Platform
  • Solid understanding of the following AWS services: EC2, ECS, IAM, CloudWatch, Lambda, RDS, CloudFront, S3, Route53
  • Excellent understanding of log/event flow from numerous services within AWS and Google Cloud Platform and experience with integrating them with 3rd party logging tools such as Splunk, Sumologic and Elastic Cloud.
  • Implementing and optimizing cloud infrastructure, DevOps best practices, AWS/Google Cloud Platform and cloud best practices and principles.

  • ID: #23690332
  • State: Virginia Sterling 20163 Sterling USA
  • City: Sterling
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2021-12-01
  • Deadline: 2022-01-29
  • Category: Et cetera