Cyber-Security SIEM Engineer

Seven Seven Softwares

Alpharetta, GA

SKILLS
ArcSight, CIM (Common Information Model), Communication Skills, Consulting, Data Analysis, Enterprise Protection, Identify Issues, Incident Response, Internet Security, Microsoft Windows Operating System, Onboarding, Operational Support, Operations Security (OPSEC), Presentation/Verbal Skills, Production Support, Production Systems, Python Programming/Scripting Language, Regular Expressions, Reporting Dashboards, Scripting (Scripting Languages), Security Analysis, Security Information and Event Management (SIEM), Software Development, Software Development Lifecycle (SDLC), Splunk, Team Player, Unix Operating Systems, Use Cases, Writing Skills
POSTED
13 days ago

JOB DETAILS
  • Support current ArcSight solution and lead effort to migrate detection rules to Splunk ES
  • Migrate all ArcSight contents to Splunk knowledge objects.
  • Work with engineering teams on field extractions and validation of logs
  • Onboarding and normalizing log and reference data-sources needed for analytics
  • Creation of analytics in Splunk and Splunk Enterprise Security
  • Improvement and fine-tuning of analytics
  • Creating data dictionaries for log sources
  • Operational support for production platforms through health monitoring and root-cause troubleshooting

Skills required 
  • 3+ years of SIEM experience.
  • Excellent knowledge of ArcSight ESM, creating rules, filters, and active lists.
  • Excellent knowledge of Splunk and ES (Searching, Reporting, Alerting, Dashboards, Correlation searches)
  • 3+ years of blue-team operational security experience within a SOC or MSSP
  • 2+ years of software development experience related to the above
  • Experience using SOAR platforms and Python scripts to automate incident response
  • Experience creating and maintaining analytics for security use-cases in Splunk and Splunk ES
  • Experience analyzing data, developing alerts, and designing dashboards for security operations
  • Comfortable with Unix and Windows CLI from
  • Experience analyzing infrastructure and application log sources
  • Knowledge of CIM and experience normalizing data to the common information model
  • Desired experience writing automation scripts in Python
  • Good understanding of regular expressions
  • Familiarity with the SDLC and proven experience deploying software into a production environment
  • Experience with streaming data using Rsyslog, Syslog-NG, Nifi and Kafka
  • Splunk Certified Consultant / Splunk Certified Enterprise Security Certified Admin
  • Ability to work in a globally distributed team
  • Excellent written and verbal communication skills
  • Passionate interest in cyber security 


About the Company

Seven Seven Softwares