Description
JOB DESCRIPTION:The Senior Security Engineer is responsible for enterprise level security programs that safeguard organizational and customer data. Leveraging expert knowledge of network and security concepts, technologies, and forensics, the Security Engineer will take lead roles for identifying potential risks and for creating preventive strategies that effectively prevent the loss of proprietary information, operating data, and confidential customer information.
RESPONSIBILITIES:
- Monitor SIEM system components' health and availability.
- Review and apply applicable software and/or appliance upgrades, updates, and patches as needed.
- Create and verify rules for security threats, compliance, and audit requirements.
- Create and verify custom reports/report modifications as needed.
- Add and remove log sources. Troubleshoot issues with log sources or systems with vendor, and report system defects as needed.
- Configure backups, manage log source groups, and validate log sources.
- Manage product enhancement / feature requests with vendors as needed.
- Responsible for mentoring and training other team members, with regard to the SIEM environment.
- Assist with designing and documenting work processes within the SOC.
REQUIREMENTS:
- 8 years' experience in IT engineering required
- 5+ years specifically focused on Information Security - experience installing, configuring and troubleshooting security monitoring and tools required environments.
- Proficient understanding of access control and authentication infrastructure with particular emphasis on Microsoft .NET, LDAP, PKI, RADIUS/Tacacs+, and two-factor authentication.
- Understanding of secure IP network design/operation in both LAN and WAN environments Strong understanding of firewall, intrusion detection and prevention, endpoint security, and application layer gateway technologies.
- Understanding of security, administration, design, and implementation with Microsoft Active Directory and UNIX systems.
PREFERRED:
- 2+ years of SIEM experience
- Experience/background working with HP Arcsight background Highly Preferred certifications preferred.
- Experience architecting large scale systems for SIEM Information security experience supporting large, geographically diverse public company, preferred