What are the responsibilities and job description for the SIEM Engineer position at OPEN DEALER EXCHANGE LLC?
Job Details
Description
SIEM Engineer
The SIEM Engineer will be responsible for implementing, maintaining, and monitoring security solutions for application and enterprise platforms. This is a technical role focused on security tools, services, and processes. The engineer works across the Development, Engineering, Enterprise Architecture, Business, and Operations teams to support and enhance IT Security capabilities, including Identity and Access Management (IAM), network security, and application security for the company. The engineer will be part of a team responsible for managing all aspects of Cybersecurity / IT Security in a highly regulated and compliant environment.
Responsibilities
- Install, configure, and maintain security tools and services such as firewalls, antivirus, encryption, VPN, SIEM, etc.
- Perform security assessments and audits to identify and remediate vulnerabilities and risks
- Respond to security incidents and events and conduct root cause analysis and remediation
- Develop and maintain security documentation, policies, standards, and procedures
- Provide security guidance and best practices to other IT teams and business users
- Research and evaluate new security technologies and trends
- Collaborate with other security team members and stakeholders to ensure alignment and integration of security solutions and processes
Qualifications
Job Requirements
- Bachelor’s degree with relevant coursework in computer science or a related IT field
- 3 - 5 years of recent related work experience within enterprise IT Security and systems administration in a highly regulated and compliant organization
- CompTIA Security certification or equivalent required
- Will accept any suitable combination of education, training, or experience
Desired Skills
- Experience with Sentinel
- Experience with IAST, DAST, and SAST
- Experience with Cloud Security Architecture (Azure/AWS; SaaS, PaaS, IaaS)
- Experience in Identity and Access Management
- Experience in implementing and managing security solutions such as firewalls, antivirus, encryption, VPN, SIEM, etc.
- Experience in performing security assessments and audits using tools and frameworks such as NIST, PCI-DSS, CIS, OWASP, etc.
- Experience in incident response and forensics
- Experience in creating and managing information security policies and procedures
- Knowledge of security principles, techniques, and standards
- Knowledge of various security systems: intrusion detection systems (NIDS / HIDS), anti-virus software, identity management systems, log management, content filtering, etc.
- Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPsec, HTTP, HTTPS, routing protocols)
- Knowledge of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP Networks
- Knowledge of system hardening processes, tools, guidelines, and benchmarks
- Knowledge of security engineering, system and network security, authentication and security protocols, cryptography, and application security