Date Posted: June 18, 2019
SECURITY ENGINEER (SIEM)
As Security Engineer (SIEM) you will:
- Keep abreast of evolving cyber threats and identify new and sophisticated methods of detecting them.
- Interact with customers to gather requirements and ensure implementation of cyber security solutions.
- Be responsible for the creation of procedures, implementation of processes, and development of staff for managing and maintaining security systems across internal and client environments.
- Perform Operational Support tasks for McAfee Systems consisting of Incident, Break-Fix support, and Standard Service Request.
- Work closely with Senior Engineers in supporting existing systems and initiatives.
- Be responsible for configuration of current enterprise security log source types into the SIEM.
- Analyze and identify areas of improvement with existing processes, procedures and documentation.
- Demonstrate how to use SIEM & Enterprise Security products to both technical and non-technical personnel.
- Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies.
- Implement and configure McAfee SIEM software and appliance-based products in large enterprise and Government environments.
- Be well versed in McAfee SIEM: assess the current security environment, develop strategies to enhance scalability of the solution, use McAfee SIEM to detect incidents, and act as the SME for all questions related to the McAfee SIEM implementation.
- Ensure all network security assets, both internal and external (e.g. Cloud-based systems), adhere to security best practices, compliance regulations, and required governance framework.
- Identify, analyze, communicate, and rectify security vulnerabilities across IT infrastructure.
- Technical analysis and performance tuning of hardware, software, networks, security, and logging/monitoring.
- Use ITIL Service Request, Incident, Risk, Problem, and Change Management principles to optimize and reduce risks within IT network, voice, video, and collaboration, particularly as it relates to security.
- Design and configure system management tools to provide monitoring and management of network infrastructure.
- Ensure network infrastructure and security standards for data centers, POPs, remote sites, and Cloud infrastructure align to site patterns that are communicated and adopted globally.
- Develop and maintain documentation related to the installation, administration, and maintenance of IT security systems and assets.
- 3+ years professional experience maintaining SIEM systems.
- 1-2 years professional experience working with networks and network architecture.
- 1+ year professional experience writing SIEM content.
- College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
- Information security knowledge in one or more areas such as: enterprise endpoint security products (e.g. McAfee ePolicy Orchestrator, VirusScan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption, etc.); Security Information and Event Manager (SIEM), to include NitroSecurity, QRadar, RSA enVision; network firewall, web proxy, e-mail and web gateway, etc., to include Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva.
- Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis.
- Experience with SIEM content creation, dashboard development, and reporting.
- Knowledge of Linux and Windows operating systems (Windows and Linux knowledge required).
- Demonstrated experience architecting, implementing, tuning, and managing the McAfee Security Information and Event Manager (SIEM)/Nitro.
- Preferred experience with McAfee ePolicy Orchestrator (ePO), VirusScan (VSE), Data Loss Prevention (DLP), Encryption, and Intrusion Prevention (IPS) solutions.
- Basic experience with ITIL processes such as Incident/Problem/Configuration/Change management.
- Basic customer handling skills along with extensive hands-on skills in defining and creating operational/procedure documents.
- In-depth technical knowledge of current network and security hardware, software, protocols and Internet standards, including: EIGRP, MPLS, DMVPN, QoS, SSL, TCP/IP, logging, monitoring, encryption technologies, and all layers of OSI model.
- Knowledge of applying security principles as they relate to IT Governance, Risk, and Compliance.
- Basic understanding of SANS Critical Security Controls (CSC).
- Basic to moderate knowledge of penetration techniques.
- Basic knowledge of Information Technology forensic techniques.
- Capable of technical documentation for data flows, system integrations, design documentation, and standard operating procedures.
- Experience with Microsoft Active Directory and related technologies such as LDAP, LDAPS and RADIUS.
- Experience configuring, administering, and managing McAfee Data Exchange Layer (DXL) and McAfee Threat Intelligence Exchange solutions.
- General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security+, or other security certifications).
- An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
- Experience with various other SIEM security products such as: QRadar, LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
- CISSP, CISM, CISA, and Microsoft certifications preferred.
We and our clients are equal opportunity employers who value diversity at our companies. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.