Sr. Security Engineer
Memphis, TN, United States
Our client, a large international Information Security Consulting organization, has asked us to find a Senior-Level security expert to lead a major SIEM migration. This is a highly visible role with mission-critical responsibilities because you will play an integral part in a major multi-year SOC transformation. STRONG SPLUNK UNDERSTANDING IS CRITICAL FOR THIS ROLE.
Responsibilities of the SIEM Security Engineer:
Architect and manage SIEM technologies, specifically with ArcSight
Lead a major SIEM migration into a Splunk environment (complete data migration).
Develop, tune, and maintain tools to automate analysis capabilities with host and log-based security event analysis
Optimize event ingestion, reporting and alerting
Create signatures, rule sets, and content analysis definitions for a variety of security detection capabilities
Manage project tasks, reporting, and customer meetings
Requirements
Requirements of the SIEM Security Engineer:
Command line and console-based troubleshooting
Custom parser creation for events in Syslog, ODBC, and flat file formats
Splunk App creation and scripting experience (Python)
Relevant certifications such as CCNP, CCNA, SANS, CISSP, etc.
Experience supporting large-scale SIEM migrations and project task management
Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM).
A solid understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, and the design of consistent network-wide file system layouts.
A full and competitive benefits package is available with this role.