Security Engineer
Role summary
The Security Engineer will be responsible for assisting customers with log migration and developing detection strategies within SIEM platforms. This role involves working closely with technical leads to ensure proper log source onboarding, designing and implementing correlation rules to protect against threats, and optimizing existing configurations. The engineer will also be a subject matter expert for SIEM, correlation, and log ingestion, identifying automation opportunities and creating technical documentation. A hybrid work model is required, with three days per week onsite in Middletown, NJ.
\*\*\*\*\*NO C2C OR THIRD PARTY INQUIRIES\*\*\*\*\*
Requires Hybrid work 3 Days per Week Onsite in Middletown, NJ
Your Career
As a SIEM Engineer you will be responsible for assisting with the log migration and detection strategy of our customers. You will work closely with the technical lead to ensure that all the relevant log sources are onboarded and ingested in accordance with industry best practices and customer requirements. You will then work to determine a suitable detection strategy, helping to protect customers from threats, by designing and implementing correlation rules.
Your Impact
- Work with technical lead to develop log ingestion strategy.
- Contribute to detection strategy based on industry best practices.
- Detail step by step process to ingest high quality log sources.
- Perform log source monitoring and optimization.
- Create high quality correlation rules.
- Tune log sources and correlation rules.
- Be an SME for SIEM, Correlation and Log Source Ingestion.
- Recognize opportunities where automation can improve analyst alert handling.
- Collaborate with internal and external teams to ensure product adoption.
- Create technical documentation detailing SIEM aspects of the engagement.
Your Experience
- Strong communication (written and verbal) and presentation skills,both internally and externally.
- 6+ years of deploying and integrating (SIEM) to enterprise to large enterprise-level.
- Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms.
- The ability to create and develop correlation and detection rules, within a (SIEM) to support alerting capabilities.
- Experience working with and deploying a variety of SIEM technologies (i.e Splunk, IBM QRadar).
- A proven ability to offer suggestions on detection strategy based on customer requirements.
- Ability to understand logs, locating and understanding 3rd party documentation where needed.
- Familiarity with reports on the status of the SIEM to include metrics on items such as number of logging sources - log collection rate, and other performance metrics.
- Knowledge of Security Analysis & Response a plus, including both endpoint, network & cloud-based environments.
- 4 years’ experience with Security Operation Centers tooling and processes.
- Relevant bachelor's degree or industry recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification etc).
- Ability to read and understand technical design documentation.
- Ability to create technical design documentation.
Similar roles
Staff Security EngineerPivotal Health · Los Angeles, California, United States · Hybrid- Security EngineerLawrence Harvey · Toronto, Ontario, Canada · Hybrid
- Security EngineerARQ · New York, New York, United States · Remote
Security EngineerAP Professionals · United States · Remote- Senior Security EngineerSystems Integration Solutions · Cupertino, California, United States · Onsite
