Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Working with the Cybersecurity Incident Response Team and Threat Intelligence Team to identify content improvements.
- Assisting the Cybersecurity Incident Response Team and Threat Intelligence Team with searches by acting as an expert in Splunk Search Language.
- Provides input to the overall SIEM security architecture and governance model.
- Provide technical oversight, standardization and validation of the effectiveness of SIEM content service.
- Participate in efforts to research, design and implement components in the SIEM content development space that are standards-based, high-performing, highly available and secure.
- Educate internal and external users of security technologies to continually improve the knowledge and skill-base of the organization on how best to operate and support the technology and security services.
- Supports, implements and promotes standard configuration and change management processes and practices.
Job Requirements
Skills
- Experience with architecting, implementing, and operating Splunk or other big data platforms.
- Experience with IDS, IPS, and SIEM appliance architecture, operations, and management
- Experience with working in a globally distributed enterprise environment
- Experience with monitoring use case implementation methodologies
- Knowledge of Linux, Unix, and Microsoft operating systems
- Knowledge of TCP/IP protocols
- Experience using regex (regular expressions) with a scripting language (nix shells, Python, C++, Ruby, etc.) is acceptable
- Excellent communication skills and problem-solving ability
- Troubleshooting skills and strong technical learning aptitude
Qualifications
- Certified Information Systems Security Professional (CISSP)
- CEH, OSCP, or other ethical hacking certifications
- SIEM certifications