135 applicants

Company

Cetera Financial Group · 23 hours ago

Security Services Principal

El Segundo, CA

Full-time

Remote

Lead/Staff

$150K/yr - $190K/yr

Maximize your interview chances

AdviceFinancial Services

Actively Hiring

Insider Connection @Cetera Financial Group

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Monitor security events and alerts from various sources, to include Splunk, and other security tools.

Analyze and investigate security incidents to determine their root cause, impact, and potential risks.

Configure and maintain Splunk platform to ensure efficient log aggregation, correlation, and event analysis. Create and fine-tune Splunk correlation alerts to detect to security incidents effectively.

Provide timely and accurate reports on security incidents, threats, and vulnerabilities to management and stakeholders.

Collaborate with internal teams to develop and enhance security policies, procedures, and guidelines.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

SplunkSplunk Query LanguageCriblPalo Alto XSOARDarktraceJiraServiceNowSecurity incident analysisSecurity policy development

Required

Expertise in developing and managing Splunk applications, dashboards, and visualizations.

Proficient in Splunk Query Language for creating efficient and reusable searches.

Skilled in designing, deploying, and maintaining Splunk infrastructure.

Ability to troubleshoot and resolve issues within the Splunk environment.

Experience with integrating Splunk with various systems and data sources.

Knowledge of managing Splunk knowledge objects (Apps, Dashboards, Saved Searches, Alerts).

Proficiency in utilizing Cribl for data routing, filtering, and transformation.

Experience with Cribl Stream and Cribl Edge for optimizing data flow.

Ability to configure and manage Cribl LogStream for real-time data processing.

Skilled in integrating Cribl with Splunk and other SIEM solutions.

Capable of troubleshooting and resolving issues within Cribl environments.

Understanding of Cribl's role in enhancing data observability and security.

Expertise in designing and implementing automated security orchestration and response workflows using Palo Alto XSOAR.

Proficient in integrating XSOAR with various security tools and data sources.

Ability to create and manage playbooks for incident response and threat mitigation.

Skilled in customizing XSOAR dashboards and reports for SOC operations.

Experience with troubleshooting and optimizing XSOAR integrations.

Knowledge of utilizing XSOAR for threat intelligence and automated response actions.

Proficiency in deploying and managing Darktrace's AI-driven cybersecurity solutions.

Skilled in configuring Darktrace for real-time threat detection and autonomous response.

Ability to analyze and interpret Darktrace alerts and threat intelligence data.

Experience with integrating Darktrace with other security platforms and tools.

Capable of troubleshooting and resolving issues within Darktrace environments.

Understanding of Darktrace's machine learning algorithms and their application in threat detection.

Proficiency in integrating Jira with security tools for streamlined incident tracking and management.

Skilled in creating and managing workflows and automation rules within Jira.

Experience with configuring Jira for effective SOC team collaboration and communication.

Ability to troubleshoot and resolve integration issues between Jira and other platforms.

Knowledge of leveraging Jira for project management and issue tracking within a SOC environment.

Expertise in integrating ServiceNow with various security tools for efficient incident response and management.

Proficient in configuring ServiceNow workflows, automation, and reporting for SOC operations.

Skilled in customizing ServiceNow dashboards and interfaces to meet SOC requirements.

Experience with troubleshooting and optimizing ServiceNow integrations.

Ability to leverage ServiceNow for IT service management and operational efficiency within a SOC.

Benefits

Inclusive health, dental, vision and life insurance plans built to support diverse lifestyles, offer preventative care, and protect against hardship.

Easy access to mental health benefits to meet our team members and their families where they are.

20+ days of paid time off (PTO), paid holidays, 1 paid wellness day and 1 days of paid volunteer time off (VTO) to give our employees the time they need to stay close with their loved ones, recharge, and give back to their communities.

401(k) Savings plan with a generous company contribution (up to 5%), and access to a financial professional to offer our employees the opportunity to plan-ahead for a strong financial future well beyond their working years.

Paid parental leave to support all team members with birth, adoption, and foster.

Health Savings and Flexible Spending Account options to help you save money on healthcare, daycare, commuting, and more.

Employee Assistance Program (EAP), LifeLock, Pet Insurance and more.