Security Architect - SIEM Engineer
Quick Overview
Job Description
Title: Security Architect - Consultant (SIEM Engineer)
Duration: 12 Months
Remote
Why is this position open: New Position to assist the Division of Information Security (DIS).
Interview Process: 1-2 Rounds of Virtual Interviews. In person availability for interviews preferred.
Work Location: Role is 100% Remote. Preference will be given to local candidates who can come to the office as needed for client and departmental meetings, trainings, and other onsite activities.
Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.
Required Skills
Bachelor''s Degree in an Information Technology or Information Security related field (8+ years of relevant work experience may be substituted in lieu of education)
5+ years of experience support large IT environments and/or system deployments
Hands-on experience with Palo Alto Cortex, XSIAM, and Cortex XDR design, implementation, administration and operational support.
Experience engineering and supporting SIEM capabilities for multi-tenant environments and 24x7 Security Operations Center operations.
Experience developing and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, reporting and alert suppression logic.
Experience creating and managing complex playbooks
CRIBL Data Modeling, log pipeline design, parsing, normalization, enrichment, routing and ingestion.
Experience developing automation, integrations, playbooks and response workflows using scripting languages such as Python and Bash.
Experience onboarding and troubleshooting telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows and custom application sources.
Strong understanding of enterprise security architecture, incident response, networking, access control, secure system design and industry-standard cybersecurity frameworks.
Preferred Skills
CISSP, Security+ or GIAC certification
Palo Alto Cortex, Cribl or other relevant SIEM/security platform certification
Hands-on experience operating Cortex XSIAM and Cortex XDR in a large, multi-tenant environment.
Hands-on Cribl administration, data modeling and log pipeline optimization experience.
Experience supporting Tier 1 through Tier 3 SOC analysts, threat hunting, incident response and 24x7 operational handoffs.
Familiarity with industry-standard security and compliance frameworks and experience developing playbooks, runbooks, procedures and technical documentation.
Similar jobs
Senior System Security / Cybersecurity Analyst with Security Clearance
TekSynap · Gulfport, United States
Just now$70k - $100k/yrSecurity Architect/SIEM Engineer
Refulgent Technologies Inc. · United States
2 minutes agoPrincipal Industrial Security Analyst with Security Clearance
Northrop Grumman · Baltimore, United States
27 minutes ago$89.9k - $134.9k/yrSenior Application Security Engineer
Alltech Consulting Services, Inc. · Charlotte, United States
28 minutes agoSenior Naval System Security Engineer with Security Clearance
Amentum · Dahlgren, United States
51 minutes ago$140k - $160k/yrApplication Security Engineer
Alltech Consulting Services, Inc. · Charlotte, United States
51 minutes ago