Security Engineer (SIEM)

Job Title: Security Engineer (SIEM)

Location: Pittsburgh, PA

Duration: 3 + months (extendable)

Duties And Responsibilities:

• Demonstrate expertise in information security solutions, operational practices, threats, and emerging technologies.
• Provide Subject-matter-expertise and administer Crowd Strike EDR/NGAV, Identity Protection, and NG-SIEM.
• Lead and improve security event management processes, develop and execute SOP, and conduct incident response preparation, orchestration, investigation, and reporting.
• Liaise with our managed security service providers and ensure continuous processes and relationship improvements and maturation.
• Administer the Firm s security solutions including, Crowd Strike EDR/NGAV, Identity Protection, and NG-SIEM, SEG, PAM/VPAM, EPM, vulnerability scanning, and other security related technology.
• Develop methods and controls for migration-to-cloud strategies including CNAPP, CI/CD Pipeline, DevOps guardrails, and Azure CSP controls and monitoring.
• Conduct threat and vulnerability analysis and coordinate attack surface reduction configuration implementation and patching remediation with technical stakeholders.
• Maintain awareness of current and emerging threats, vulnerabilities, and vectors of attack and participate in threat modeling, analysis, and reporting.
• Effectively deliver reliable and scalable solutions and services, aligned to the Firm s client and shareholder requirements, that reduce risk and balance operational impact and usability.
• Develop end user awareness training and reinforce security concepts through engagement, communication, and simulation.
• Participate in security governance, develop policies, processes and procedures, measures, and metrics and ensure compliance with the Firm s security requirements.
• Deliver exceptional customer service and provide security and operational consulting, project and design support, cross-training, and troubleshooting to IT Administrators, staff, shareholders, clients, and vendors.

Required Education/Experience:

• Strong Information Systems and Technology background with at least five (5) years of experience in Information Security.
• Ability to communicate clearly and effectively with people from both technical and non-technical backgrounds.
• Knowledge and experience with varying information security processes and tools.
• Ability to identify security technology risks.
• Ability to visualize, plan and execute any areas of process improvement that increase the efficiency and delivery of our security capabilities.
• Proficient knowledge of IP networking and public cloud security principles.
• Experience managing information security platforms such as EDR, PAM, MFA, SIEM, and NGFW
• Expertise in malware detection technologies and remediation.
• Experience in security event management and security incident response processes, tools, and procedures.
• Expertise in the following technologies providers (or comparable): Crowd Strike, Palo Alto, Tenable, and Azure.
• Expertise with network design, operation, security, and monitoring, Windows and Linux desktop/server and database security
• Experience with scripting and query languages such as python, PowerShell, CQL, and XQL
• Understanding of ISO/IEC 27001:2022 ISMS principles.