Apply on Employer Site

Secur-Serv · 1 day ago

Security Engineer

Middletown, NJ

Full-time

Hybrid

Senior Level

6+ years exp

Secur-Serv is seeking a Security Engineer to assist with log migration and detection strategy for their customers. The role involves working closely with the technical lead to onboard log sources and implement detection strategies to protect customers from threats.

ConsultingCyber SecurityFinancial Services

Hiring Manager

Mark Drzewiecki

Responsibilities

Work with technical lead to develop log ingestion strategy

Contribute to detection strategy based on industry best practices

Detail step by step process to ingest high quality log sources

Perform log source monitoring and optimization

Create high quality correlation rules

Tune log sources and correlation rules

Be an SME for SIEM, Correlation and Log Source Ingestion

Recognize opportunities where automation can improve analyst alert handling

Collaborate with internal and external teams to ensure product adoption

Create technical documentation detailing SIEM aspects of the engagement

Qualification

SIEM deploymentCorrelation rules developmentLog source ingestionSplunkIBM QRadarSecurity Operations CenterUnderstanding logsSecurity Analysis & ResponseTechnical documentationCommunication skillsPresentation skills

Required

Strong communication (written and verbal) and presentation skills, both internally and externally

6+ years of deploying and integrating (SIEM) to enterprise to large enterprise-level

Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms

The ability to create and develop correlation and detection rules, within a (SIEM) to support alerting capabilities

Experience working with and deploying a variety of SIEM technologies (i.e Splunk, IBM QRadar)

A proven ability to offer suggestions on detection strategy based on customer requirements

Ability to understand logs, locating and understanding 3rd party documentation where needed

Familiarity with reports on the status of the SIEM to include metrics on items such as number of logging sources - log collection rate, and other performance metrics

Knowledge of Security Analysis & Response a plus, including both endpoint, network & cloud-based environments

4 years' experience with Security Operation Centers tooling and processes

Relevant bachelor's degree or industry recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification etc)

Ability to read and understand technical design documentation

Ability to create technical design documentation