Cyber Security (SIEM) Engineer
Louisville, Kentucky, United States
With over two decades of successfully operating, managing, and securing private, public, and hybrid cloud environments, Ntirety has led enterprises across industries through the volatile early days of data hosting into the world of 24x7 managed security with our premier Compliant Security solutions. Through cost effective and scalable solutions tailored to business-specific needs, Ntirety eliminates gaps in both security posture and compliance documentation by delivering solutions that cover the entire application, the entire compliance and security process, the entire time.
When it comes to a cybersecurity crisis, the question is not if, but when it will happen – that’s why Ntirety’s mission to provide proactive compliant security is crucial in today’s business landscape. No matter what role or department you work in, being a part of Ntirety means supporting all of our different teams to help keep our clients protected and updated on the latest in cybersecurity.
We are a passionate team, but we are small, so we seek someone that can roll up their sleeves and get stuck in. Our hope is that speaks to you! Still with us? You likely believe that there is more to a job than just getting paid, and that the mission really matters. Good. Because we believe that too.
Join the team at the forefront of this mission-critical industry.
For more information about Ntirety, please visit www.ntirety.com or check out our @lifeatntirety Instagram and Twitter pages.
The Cyber Security (SIEM) Engineer, Managed Security Services will be responsible for creation of procedures, implementation of processes and development of staff for managing and maintaining security systems across internal and client environments. Experience and knowledge of SIEM is essential. The Security Engineer will work closely with Management, Security Analysts, Solution Architects, other Security Engineers, and clients to complete high profile, critical services to existing Managed Security Service clients.
ESSENTIAL JOB DUTIES AND RESPONSIBILITIES:
· Secure design of the SIEM architecture and documentation of the design, configurations and associated procedures for log ingestion and platform maintenance.
· Design, building, testing and implementation of security alerts and reports using knowledge of event source logs and network packet data.
· Actively seek to improve and develop new alerting and dashboarding based upon observed security activity.
· Improve the ability to build complex security alerts by making and implementing recommendations on event source coverage, log and packet meta-tagging, and log and packet filtering.
· Recognize and onboard new data sources into LogRhythm and analyze the data for parsing.
· Design and build dashboards in the SIEM and tune out false positives from alerts in partnership with Threat Detection and Response.
· Assist Security Analysts in investigation and analysis as needed.
· Document and update the SIEM engineering processes and logging/ingestion procedures.
· Provide skillful knowledge within a Linux environment, editing and maintaining SIEM configuration files and applications.
· Evaluates and recommend new and emerging security products and technologies with careful documentation of technical requirements and collection of functional requirements from Threat Detection and Response.
· Research and document security best practices to continually improve the deployment and use of the SIEM.
· Stay abreast of current technologies, security compliance requirements, standards, and industry trends in order to help achieve cybersecurity’s goals.
· Maintain the health, performance, stability, tuning and ongoing planning of the SIEM platform.
· Support the SIEM platform and participate in on-call rotation.
· Interact with senior management, as necessary.
· Hours: To be determined based upon business need. There is an on call rotation for this position.
DESIRED MINIMUM QUALIFICATIONS:
· 3+ years professional experience supporting and maintaining SIEM systems.
· Experience with basic tuning of SIEM content.
· Experience working in a Security Operations Center, Managed Security, or client network environment.
· Knowledge of Linux and Windows Operating Systems.
· Experience with LogRhythm SIEM security products and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
· Must have technical troubleshooting and problem-solving skills
· Ability to work under pressure in a fast-paced environment.
· Strong attention to detail with an analytical mind and outstanding problem-solving skills.
· Great awareness of cybersecurity trends and hacking techniques.
· Ability to learn and communicate technical information to non-technical people.
· Must have excellent written & oral communication skills, and strong interpersonal skills.
· Must emulate the Ntirety Values in all that they do.
· Bachelor's degree in computer science or related field or equivalent experience.
· Additional certifications in security related disciplines (eg: Security+, CEH, CISSP, etc.) and hold LogRhythm Certifications: LRPA and LRSE are preferred.
Ntirety is an Equal Employment Opportunity / Affirmative Action Employer (EEO/AA).
Ntirety offers a competitive salary and benefits including Paid Time Off, FREE Medical to Employees, Dental, retirement plan with 401(k) match, and much more. If you are interested in joining a profitable, growing, and dynamic company, we want to hear from you! Ntirety is an Equal Opportunity Employer and does not discriminate on the basis of race, color, religion, sex, age, national origin, disability, veteran status, sexual orientation, or any other classification protected by Federal, State or local law.
Ntirety thanks all candidates for their interest; however, only shortlisted candidates will be contacted.