Cyber Security (SIEM) Engineer
Newark, Delaware, United States
Ntirety
Winner of three Global InfoSec Awards, Ntirety is the leader in Data Security and Regulatory Compliance, providing compliant, pervasive data protection across your entire IT stack.
Description:
The Cyber Security (SIEM) Engineer, Managed Security Services will be responsible for creation of procedures, implementation of processes and development of staff for managing and maintaining security systems across internal and client environments. Experience and knowledge of SIEM is essential. The Security Engineer will work closely with Management, Security Analysts, Solution Architects, other Security Engineers, and clients to complete high profile, critical services to existing Managed Security Service clients.
To be eligible for the Employee Bonus Plan, all employees are required to be performing their job duties satisfactorily during the applicable bonus period. This includes consistent responsiveness during any assigned On-Call periods. Employees should also review the Employee Bonus Plan eligibility requirements to determine if they are eligible. If you have any questions on your eligibility for the Employee Bonus Plan, please contact Human Resources.
Ntirety is proud to be named a Top 20 MSSP Provider for 2022 by MSSP Alert and ChannelE2E
https://www.msspalert.com/top250/list-2022/24/
Responsibilities:
· Secure design of the SIEM architecture and documentation of the design, configurations and associated procedures for log ingestion and platform maintenance.
· Design, building, testing and implementation of security alerts and reports using knowledge of event source logs and network packet data.
· Actively seek to improve and develop new alerting and dashboarding based upon observed security activity.
· Improve the ability to build complex security alerts by making and implementing recommendations on event source coverage, log and packet meta-tagging, and log and packet filtering.
· Design and generate data parsers as necessary to optimize ingestion of data from a wide variety of devices, including servers, firewalls, IDS/IPS, and VA appliances.
· Design and build dashboards in the SIEM and tune out false positives from alerts in partnership with Threat Detection and Response.
· Assist Security Analysts in investigation and analysis as needed.
· Document and update the SIEM engineering processes and logging/ingestion procedures.
· Provide skillful knowledge within a Linux environment, editing and maintaining SIEM configuration files and applications.
· Evaluate and recommend new and emerging security products and technologies, with careful documentation of technical requirements and collection of functional requirements from Threat Detection and Response.
· Research and document security best practices to continually improve the deployment and use of the SIEM.
· Stay abreast of current technologies, security compliance requirements, standards, and industry trends to help achieve cybersecurity’s goals.
· Maintain the health, performance, stability, tuning and ongoing planning of the SIEM platform.
· Support the SIEM platform and participate in on-call rotation.
· Interact with senior management, as necessary.
Desired Role Outcomes:
· We are proactive in identifying cyber security risks in both our internal and customer environments alike.
· We use and maintain our security platforms & tools to their fullest extent, and continually have the skills & knowledge needed to use them.
· Our customers and internal teams alike have the support that they require when it comes to security issues.
· Our security workforce is knowledgeable on the latest trends in security and consists of proficient security professionals.
· We are leveraging automation to reduce our reliance on repeatable manual work.
Requirements
Qualifications / Required Skills:
· 3+ years of professional experience supporting and maintaining SIEM systems (LogRhythm, ELK, Azure Sentinel).
· Experience with basic tuning of SIEM content.
· Experience working in a Security Operations Center, Managed Security, or client network environment.
· Knowledge of Linux and Windows Operating Systems.
· Must have technical troubleshooting and problem-solving skills.
· Ability to work under pressure in a fast-paced environment.
· Strong attention to detail with an analytical mind and outstanding problem-solving skills.
· Great awareness of cybersecurity trends and hacking techniques.
· Ability to learn and communicate technical information to non-technical people.
· Must have excellent written & oral communication skills, and strong interpersonal skills.
· Must emulate the Ntirety Values in all that they do.
Education: Bachelor's degree in computer science or a related field, or equivalent experience. Additional certifications in security-related disciplines (e.g. Security+, CEH, CISSP) and LogRhythm certifications (LRPA and LRSE) are preferred.
Tags: Automation Azure CEH CISSP Compliance Computer Science ELK Firewalls IDS IPS Linux LogRhythm SIEM SOC Threat detection Windows
Perks/benefits: Salary bonus