Overview
On Site
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - 12 Month(s)
Skills
SIEM
Google Chronicle
Job Details
Google Chronicle SIEM Engineer San Jose, CA or Palo Alto, CA 12+ months
The position involves enhancing threat detection, reducing false positives, and improving operational efficiency within a Security Operations Center (SOC) environment.
Key Responsibilities:
- Platform Management: Design, implement, and optimize Google Chronicle SIEM for log ingestion, parsing, normalization, and enrichment.
- Detection Engineering: Develop and fine-tune detection rules, parsers (using YARA-L), and correlation logic to improve threat detection accuracy and manage alert fatigue.
- Integration: Integrate diverse log sources, including firewalls, endpoint security, cloud services (IAM, network devices), etc., and utilize tools like Bindplane and Cribl for data management and ingestion.
- Automation: Design and implement automation workflows (SOAR-based or API-based) to reduce analyst workload and response time, integrating with platforms like Cortex X, SOAR, Splunk SOAR or custom Python frameworks.
- Collaboration: Work with threat hunting and detection engineering teams to implement new logic and build custom dashboards to enhance visibility.
Education: At least a bachelor s degree (or equivalent experience) in Computer Science, Software/Electronics Engineering, Information Systems, or a closely related field is required for the project
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.