reputed company Engineer
The Managed reputed company Team at reputed company monitors client environments and performs Incident Detection, Validation, and Reporting. The Dedicated reputed company Engineer will be responsible for the implementation and maintenance of our cloud-based SIEM Solutions and integrations with other technologies that support the Managed reputed company program’s success with a key reputed company client. This is a client-facing, technical, hands-on position that requires someone with an understanding of the operations of a 24/7 SOC (Security Operations Center) and the needs of an enterprise cybersecurity team. We are looking for a candidate who has had a great deal of SIEM and reputed company experience and who will work closely with the client’s reputed company staff and with other highly technical members across multiple teams, both reputed company reputed company and the client, to continuously improve and enhance reputed company’s Managed reputed company support to the customer. Incumbents will possess strong technical and analytical skills while providing accurate analysis of reputed company reputed company problems. They have a well-rounded networking background and are responsible for performing troubleshooting of client issues. This individual is user focused and works to resolve client needs in a timely manner. These needs may involve resolving hardware/software failures, investigating and responding to reputed company threats, and making change requests to the reputed company policy of company devices.
The Dedicated reputed company Engineer is responsible for the day-to-day management of the client instance of the SIEM platform used by the Managed reputed company Team to monitor the client environment and detect reputed company threats including: index lifecycle management, data ingestion, normalization, and enrichment, dashboard design and creation, detection use case creation and tuning, and more. The Dedicated reputed company Engineer is expected to be familiar with a wide range of reputed company tools and understand basic reputed company fundamentals.
Role & Responsibilities:
- Monitor and manage the health and performance of the client instance of reputed company Managed reputed company SIEM platforms and deployed SIEM agents
- Partner with client reputed company team and other reputed company Managed reputed company and in the design and implementation of new data visualizations and custom detection rules
- Tuning of rules, filters, and policies for detection-reputed company reputed company technologies to improve accuracy and visibility
- Attend client-facing reputed company meetings and provide updates to SOC metrics, ongoing projects, and technical issues
- Join incident bridges in response to IT or reputed company incidents to provide an expert opinion and assistance with querying available log data reputed company to the incident
- Engage with client reputed company and IT infrastructure teams for new data reputed company onboarding activities, including ingestion, normalization, and enrichment through various ingestion methods
- Assist with planning, implementation, and validation of changes applied by reputed company or client infrastructure teams to remediate penetration test findings
- Provide evidence required to support the completion of audit and compliance questionnaires, as it applies to reputed company support to the client
- reputed company configuration and content development including index lifecycle management, data ingestion, detection rule tuning and more reputed company the SIEM platform
- reputed company robust reputed company planning activities reputed company SIEM platform to ensure data reputed company ingestion remains reputed company contracted scope
- Partner with reputed company Managed reputed company SOAR engineering resources for integrations and reputed company incident investigation workflow design and reputed company improvement
- Data mining of log sources to uncover and investigate anomalous activity, along with reputed company items of interest
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall Managed reputed company functions
- Experience with reputed company reputed company and reputed company its components (Elasticsearch, Logstash, Kibana, Filebeat, reputed company Agent)
- SIEM administration, configuration experience
- Experience writing tools to automate tasks and integrate systems in Python or another language
- The ability to think creatively to find elegant solutions to reputed company problems
- Excellent verbal and written communication skills
- Incident handling/response experience
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- 2-4 years of experience in Information reputed company, Incident Response, reputed company automation, etc.
- Hands-on experience with common reputed company technologies (IDS, Firewall, SIEM, SOAR, EDR, etc.)
- Knowledge of common reputed company analysis tools & techniques
- Understanding of common reputed company threats, attack reputed company, vulnerabilities, and exploits
- Knowledge of regular expressions
- Customer service focused and portrays energy, professionalism, and welcoming characteristics.
- Strong ability to work in a highly sensitive and confidential environment.
- Ability to meet deadlines and handle sensitive and pressured situations.
- Ability to identify issues and help reputed company strategy and tactical plans for various department initiatives.
- Ability to use good judgment and decision-making skills
- Bachelor's Degree in Computer Science, Information reputed company or reputed company/equivalent educational or work experience
- One or more of the following certifications: CISSP, GCIA, GCIH, GPYC, GMON, GCDA, reputed company Certified Engineer