Job Title: SIEM/SOAR Engineer
Max Salary: 118K
Job Duties and Responsibilities
Company IT Security Monitoring, part of the Security Operations Center, is tasked with providing and maintaining information for Security and Compliance. Under the direction of the CISO (who reports directly to the CIO) the IT Security Monitoring team carries out duties of protecting the company’s information assets.
Primary responsibilities fall into the following categories:
- Identify log sources needed for collection for both Security and Compliance for the SIEM.
- Generate appropriate alerting within the SIEM to leverage in automation activities.
- Write automation in the SOAR to accelerate IR activities (Java, Python, Bash).
- Management, deployment, and build of SOC and SOAR.
- Perform cleanup and sanitization of incoming log sources and events.
- Work with multiple teams throughout IT on activities.
- Participate in Incident Response activities.
- Workflow creation and analysis.
- Use and leverage ELK (Elasticsearch, Logstash, Kibana, and ElastAlert).
- Lead or participate in projects brought to IT by local business leaders, corporate IT, and corporate business.
- Prioritize and escalate any issues that could put business objectives, results, or processes at risk.
Skills, Experience and Requirements
A successful Security Monitoring Professional will have the following:
- Bachelor’s Degree in Computer Science, Engineering or related discipline; or equivalent combination of work experience and certifications.
- Knowledge of network protocols, data flows, and Operating Systems within a TCP/IP environment.
- A solid understanding of common vulnerabilities associated with operating systems and applications.
- Ability to perform network protocol analysis and raw data capture.
- An understanding of dynamic routing protocols and static routing.
- Some proficiency in programming and scripting languages common to security such as Perl, PHP, or Python. Advanced scripting skills are a huge plus.
- Hands-on experience with various SIEM technologies.
- Hands-on experience with various SOAR technologies.
- Linux knowledge.
- Excellent verbal and written communication skills, with experience in making presentations to both technical and executive-level audiences.
- Knowledge of PCI-DSS/SOX methodologies and processes is a plus.