This job has closed.

SnapCode Inc · 1 month ago

SIEM Engineer

SnapCode Inc is seeking a SIEM Engineer to manage their SIEM platform and support delivery for Managed Security Services to a State Government client. The role involves leading SIEM interactions, managing platform health, performing upgrades, and ensuring compliance with security requirements.

Information Technology & Services

Responsibilities

Primary engineer managing SIEM platform with IBM QRadar and/or Palo Alto XSIAM and supporting delivery for Managed Security Services to a State Government client to provide timely, accurate, planned completion and implementation of security services, which must be available for 24x7x365 support
Leads primary day-to-day SIEM interactions with project team and State cybersecurity staff. Manages platform health, performs upgrades, including managing deployed sensors and collectors. Interacts with SOC analysts to tune alerts and use cases, to include integrations with client
Previous hands-on QRadar engineering and configuration experience required as system will be undergoing platform upgrades. Any Palo Alto XSIAM training
Add new log sources to existing QRadar and/or XSIAM, configure use cases, alerts, etc.
Perform QVM scans
Conduct Nessus SCSEM scans
Triage scan findings, publish results, fine-tune alerts
Ensure software is developed to meet functional, non-functional, and compliance requirements
Code solutions and perform unit testing
Ensure the solution can be integrated successfully into the overall application/system with clear, robust, and well-tested interfaces
Perform troubleshooting, work through complex requirements/solutions, and provide assistance/coaching with the creation of QRadar search queries and dashboards
Provide engineering and administration in supporting complex and large Splunk environments consisting of search heads, indexers, deployment servers, heavy/universal forwarders, etc
Review and architect scalable and organized frameworks for security automation and orchestration and pre-investigation analysis and triage of alerts from various sources like detection pipelines, exploitable vulnerabilities and reports
Maintain strong partnership with Detection & Response leadership and other teams in Security Org

Qualification


Required

IBM QRadar SIEM
Nessus
Palo Alto EDR
Palo Alto XDR
SIEM
SOC/SIEM
Use cases
Supporting
Palo Alto XSIAM
Cribl
Previous hands-on QRadar engineering and configuration experience required as system will be undergoing platform upgrades

Preferred

Prior experience engaging with State agencies/employees as clients

Company

SnapCode Inc

Introduction

Snapcode Inc., a US-based IT staffing firm, provides specialized technology professionals to businesses seeking their expertise.

Funding

Current Stage
Early Stage
Company data provided by crunchbase