Sr. Security Engineer
Memphis, TN, United States
Our client, a large international Information Security Consulting organization, has asked us to find a Senior-Level security expert to lead a major SIEM migration. This is a highly visible role with mission-critical responsibilities because you will play an integral part in a major multi-year SOC transformation. STRONG SPLUNK UNDERSTANDING IS CRITICAL FOR THIS ROLE.
Responsibilities of the SIEM Security Engineer:
· Architect and manage SIEM technologies, specifically with ArcSight
· Lead a major SIEM migration into a Splunk environment (complete data migration)
· Develop, tune, and maintain tools to automate analysis capabilities with host and log-based security event analysis
· Optimize event ingestion, reporting and alerting
· Create signatures, rule sets, and content analysis definitions for a variety of security detection capabilities
· Manage project tasks, reporting, and customer meetings
Requirements of the SIEM Security Engineer:
· Command line and console-based troubleshooting
· Custom parser creation for events in Syslog, ODBC, and flat file formats
· Splunk App creation and scripting experience (Python)
· Relevant certifications such as CCNP, CCNA, SANS, CISSP, etc.
· Experience supporting large-scale SIEM migrations and project task management
· Expert-level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM)
· A solid understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, and the design of consistent network-wide file system layouts
A full and competitive benefits package is available with this role.