SIEM and SOAR Engineer

Overview

Hybrid
$60 - $70
Contract - W2
Contract - 6 Month(s)
Unable to Provide Sponsorship

Skills

SIEM and SOAR
Security Data Lake and Data Warehouse
Python
Ansible

Job Details

Position Title: SIEM and SOAR Engineer
Duration: 6+ months Contract to Hire
Client Location: Hybrid(4 days onsite a week in Jersey City, NJ, Tampa, FL, or Tempe, AZ)
Job Description:
highly motivated SIEM and SOAR Engineer as part of the Engineering team to design and implement cutting-edge technology to improve security posture. This person will work with other engineering team members to drive the engineering standards and implementation across the global deployment.
Responsibilities:
  • Design and implement various engineering solutions by working with other stakeholders.
  • Leverage industry trends and market research to adopt the best practices to enhance the SIEM and SOAR platforms.
  • Experience with building and managing Security Data Lake and Data Warehouse.
  • Define SIEM and SOAR platform standards including data schema, modelling, normalization, monitoring and alerting.
  • Define standard patterns to integrate different systems into SIEM platforms
  • Ability to develop different scripts and products RegEx for configuring policy to detect security alerts as per threat, anomaly, etc.
  • Ability to conduct fraud analysis and threat detection.
  • Generate different types of reports using SIEM & SOAR data
  • Identify opportunities to enhance the current baseline processes and configuration
  • Produce engineering, integration and process related documentation.
  • Manage vendor relationships to drive roadmap, solution design, implementation and troubleshooting
  • Work with key stakeholders of the services to ensure the expectations are meeting the requirements
  • Knowledge of various applications and systems that include Servers, security platforms, middleware, Clouds (SaaS, PaaS and IaaS), Containers, etc. to come up with the right approach of SIEM integration
  • Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution
  • Ability to provide technical directions to other peer staff members, and to train new staff on the security team
Qualifications:
  • At least 5+ years of experience in technology with emphasis on cyber security.
  • At least 3+ years of experience in SIEM and SOAR products such as Splunk, Elastic, Datadog, Cribl, etc.
  • At least 1+ years of experience in Data Lake and data warehouse using products such as AWS S3, Snowflake, Databricks, etc.
  • Experience with scripting is highly preferred like Python, Ansible etc.
  • Experience in creating trending, metrics, and management reports
  • Working knowledge in RegEx, Splunk search language, etc. is required.
  • Knowledge and experience operating in a hybrid-cloud environment.
  • Knowledge of modern security principles and their practical applications.
  • Knowledge and experience in AWS or Azure
  • Knowledge and experience with programming language to automate tasks (e.g. Python or PowerShell)
Education:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications. Equivalent work experience is equally preferable.
Preferred Certifications: Are these really preferred? It s ok if they just wanted to ask if we are on track with the correct Certs
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Manager (CISM)
  • Certified Information System Auditor (CISA)
  • Certified Ethical Hacker (CEH)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Cloud Destinations LLC