SIEM Engineer - Exabeam

Access Talent Today, LLC - Dallas, TX

Job Description

Who we are looking for:

Our client, with their vendor partners, is pushing the envelope on the next generation of SIEM functionality. The Fusion SOC requires a SIEM platform on steroids. The NextGen SIEM, in addition to event and case management, provides advanced analytics as well as tools for orchestration and automation. We are looking for a highly motivated security practitioner and infrastructure specialist to manage the next generation SIEM platform. The role is a fusion of skills: security event analysis, ELK data structures, and fundamental tech platform management.

The NextGen SIEM Analytics Engineer role will provide the successful candidate a challenging and rewarding job. You will be working with the latest advances around event management and analytics, as our client continues to bring advanced security operations to the market.

How you’ll make an impact:

  • Ensure the high availability and efficient operation of the NextGen SIEM, specifically Exabeam
  • Manage the ingestion and health of event intelligence data flows
  • Create and fine-tune security event alerting use cases
  • Establish operating processes for advanced SIEM environments
  • Create best practices in this rapidly evolving area


Qualifications

The ideal candidate:

  • Enjoys working as part of a high-performance team
  • Is a passionate, modern security practitioner with knowledge across multiple cyber security domains and technology
  • Understands in detail how the SIEM platform supports and enables the Security Event Analyst’s success
  • Enjoys working with advanced SQL data structures and queries
  • Has strong visualization and communication skills enabling translation of complex concepts into practical messaging
  • Has a thirst for knowledge and a methodical approach to creative problem solving
  • Is willing to obtain and maintain advanced platform-specific certifications

Competencies:

  • Incident response and threat eradication in enterprise environments
  • Real-world experience with modern security tools such as sandboxing technologies, EDR, SIEM, user behavior analytics, threat intelligence tools/platforms, and traffic analysis platforms
  • Experience with data analytics platforms
    • ElasticSearch / ELK Stack
    • Splunk
    • Hadoop/Nifi/etc.
  • Working knowledge of machine learning a plus
  • Experience with cross-platform logging systems and log data forwarding solutions, including Syslog forwarding and facilities, Splunk forwarder, Windows event log, WEC/WEF, application logging libraries such as log4j, and best practices for managing structured and unstructured event data
  • SQL database data management and reporting skills that include ability to write SQL database queries and ETL operations
  • Experience with Unix/Linux platform configuration, performance tuning, and OS internals
  • Experience with shell scripting, scripting languages such as Python, and job schedulers
  • Expected to build and maintain automation solutions for system administration and data management tasks
  • Excellent communication, writing, and interpersonal skills. This role requires engagement with teams across the client's tech community regarding data onboarding to the SIEM, dashboard building, governance, and will require the individual to maintain documentation
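The alerting use cases (under "How you'll make an impact") and the syslog forwarding and structured event data (under Competencies) come together in the kind of task this role owns: normalize forwarded log lines into structured events, then run a tunable detection over them. The following is an added illustration written for this page, not code from the job posting, the client, or Exabeam. It assumes constructed sshd messages in BSD syslog (RFC 3164) format, a year of 2019 for the year-less syslog timestamps, and a brute-force-then-success rule whose threshold and window are the knobs an engineer would fine-tune.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): sshd authentication messages in
# BSD syslog (RFC 3164) format, as a syslog forwarder would ship them to a SIEM.
SAMPLE_LINES = [
    "<38>Jan 12 03:14:01 web01 sshd[1021]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2",
    "<38>Jan 12 03:14:03 web01 sshd[1021]: Failed password for root from 203.0.113.7 port 51236 ssh2",
    "<38>Jan 12 03:14:05 web01 sshd[1021]: Failed password for root from 203.0.113.7 port 51237 ssh2",
    "<38>Jan 12 03:14:06 web01 sshd[1021]: Failed password for root from 203.0.113.7 port 51238 ssh2",
    "<38>Jan 12 03:14:08 web01 sshd[1021]: Failed password for root from 203.0.113.7 port 51239 ssh2",
    "<38>Jan 12 03:14:10 web01 sshd[1033]: Accepted password for root from 203.0.113.7 port 51240 ssh2",
    "<38>Jan 12 03:20:00 web01 sshd[1050]: Failed password for alice from 198.51.100.4 port 40000 ssh2",
    "<38>Jan 12 03:20:30 web01 sshd[1051]: Accepted publickey for alice from 198.51.100.4 port 40001 ssh2",
]

# <PRI>TIMESTAMP HOST APP[PID]: MSG  (RFC 3164 header, PID optional)
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<app>[^\[:]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<msg>.*)$"
)
# sshd authentication outcome lines (the only message type this example structures)
AUTH_RE = re.compile(
    r"^(?P<outcome>Failed|Accepted) (?P<method>\S+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src_ip>\S+) port (?P<src_port>\d+)"
)

ASSUMED_YEAR = 2019  # RFC 3164 timestamps carry no year; assumption for the sample data


def parse_syslog(line):
    """Turn one RFC 3164 line into a normalized event dict, or None if it does not parse."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    ts = datetime.strptime(f"{ASSUMED_YEAR} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    event = {
        "facility": pri >> 3,   # PRI = facility * 8 + severity
        "severity": pri & 7,
        "ts": ts,
        "host": m.group("host"),
        "app": m.group("app"),
        "pid": m.group("pid"),
        "msg": m.group("msg"),
    }
    a = AUTH_RE.match(event["msg"])
    if a:
        event.update(a.groupdict())
        event["outcome"] = "failure" if a.group("outcome") == "Failed" else "success"
    return event


def brute_force_then_success(events, threshold=5, window=timedelta(seconds=120)):
    """Alert when a source IP produces >= threshold failures inside `window` and then succeeds.

    `threshold` and `window` are the tuning knobs: raise them to cut noise from
    users fat-fingering passwords, lower them for sensitive hosts.
    """
    failures = defaultdict(deque)  # src_ip -> timestamps of recent failed logons
    alerts = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if "outcome" not in e:
            continue  # not an authentication event; ignore for this use case
        q = failures[e["src_ip"]]
        while q and e["ts"] - q[0] > window:
            q.popleft()  # expire failures that fell out of the sliding window
        if e["outcome"] == "failure":
            q.append(e["ts"])
        elif len(q) >= threshold:
            alerts.append({
                "host": e["host"],
                "src_ip": e["src_ip"],
                "user": e["user"],
                "failures": len(q),
                "first_failure": q[0],
                "success_at": e["ts"],
            })
            q.clear()  # one alert per burst
    return alerts


def run_use_case(lines, **tuning):
    """Ingest raw lines, drop what does not parse, and evaluate the use case."""
    events = [e for e in map(parse_syslog, lines) if e]
    return brute_force_then_success(events, **tuning)


if __name__ == "__main__":
    for alert in run_use_case(SAMPLE_LINES):
        print(alert)
```

On the sample data the rule fires once, for 203.0.113.7 against root (five failures in nine seconds followed by a success); alice's single typo followed by a key-based logon stays below threshold. Raising `threshold` to 6 silences the alert, which is the kind of tuning decision the role makes against real event volume rather than a toy sample.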

Desired Certifications/Degree:

  • Bachelor's degree in Computer Science, Data Analytics, or a related area

Commitments:

  • Candidate must be able to obtain a passport for international travel as needed
  • The position has no supervisory component but the option to pursue a leadership career growth path is available

Posted On: Saturday, January 12, 2019
