Sr SIEM/SOAR Engineer (Remote)
MIDDLETOWN, PA, US, 17057-3197
Full Time | Senior-level / Expert | USD 100K - 150K
TE Connectivity
At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world.
Job Overview
The SIEM/SOAR Engineer is an expert in deploying, configuring, and managing a Security information and event management (SIEM) tool. They are responsible for creating alarms and dashboards related to relevant security data/threats/events. In addition, they can automate responses to alarms and enrich data from outside sources. They are competent to work in all aspects of managing security controls and products.
Key Responsibilities:
- Design, develop, and implement security information and event management (SIEM) rules and detections within the Devo SIEM platform.
- Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.
- Utilize Regex for efficient log parsing and extraction of relevant security events.
- Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.
- Develop and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate incident response tasks.
- Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.
- Collaborate with the security operations center (SOC) team to ensure effective incident response and threat hunting.
- Stay current with emerging threats and security best practices, recommending improvements to the SIEM configuration.
- Document SIEM configurations, detection rules, and incident response procedures.
What your background should look like:
Required Qualifications:
- 3+ years in Information Security SIEM administration, parser development, cybersecurity content development, creating queries, alerting, and log analysis (or similar logging role).
- 3+ years’ experience in scripting/process automation.
- 3+ years operating and supporting a large enterprise environment.
- Experience with security configuration of operating systems, network devices, etc.
- Demonstrated experience with at least one programming/scripting language
- Demonstrated experience with securing all aspects of an enterprise
- Demonstrated experience in understanding networking technologies and protocols
- Some demonstrated systems administration experience with Windows and Linux/UNIX-based operating systems.
- Participate in an on-call schedule for high-priority issues
- Experience in a technology-planning role.
- Must have a passion for technology and stay current with emerging security trends.
- Excellent verbal & written communication and presentation skills.
- Experience with new technology evaluations, software package selection, and buy vs. build analysis.
Preferred Qualifications:
- Experience with Devo (or next-gen SIEM)
- Experience with AWS, Azure, SAAS logging, and cloud technologies in general
- Experience with EDR technologies
- Familiarity with standard logs from different systems: Windows/Linux/Cloud, etc.
- Advanced scripting – PowerShell, Python, etc.
- API integration/automation experience
- Experience with process automation / at least one primary SOAR tool
- Manufacturing and engineering industry experience.
- Experience working in a global organization.
Education Required/Desired:
- Undergraduate degree in business, computer science, management information systems, or other equivalent work experience.
Competencies
Values: Integrity, Accountability, Inclusion, Innovation, Teamwork
COMPENSATION
• Competitive base salary commensurate with experience: $100,160 - $150,240 (subject to change dependent on physical location)
• Posted salary ranges are made in good faith. TE Connectivity reserves the right to adjust ranges depending on the experience/qualification of the selected candidate as well as internal and external equity.
• Total Compensation = Base Salary + Incentive(s) + Benefits
BENEFITS
• A comprehensive benefits package including health insurance, 401(k), disability, life insurance, employee stock purchase plan, paid time off and voluntary benefits.
EOE, Including Disability/Vets