McAfee SIEM (Nitro) Admin

McAfee SIEM (Nitro), On-Boarding Log Sources into McAfee SIEM, Developing Parsers
Full Time, Contract Corp-To-Corp, Contract Independent, Contract W2, C2H Corp-To-Corp, C2H Independent, C2H W2
Negotiable
Telecommuting not available. Travel not required.

Job Description

McAfee SIEM (Nitro), Atlanta, GA

Duration: Long Term

 

Primary requirement as per the JD:

Experience with McAfee SIEM (Nitro): administration, log source on-boarding, use case development.

On-boarding log sources into McAfee SIEM.

Developing parsers to on-board custom applications to the SIEM.

 

Responsibilities of the SIEM Specialist

The SIEM specialist would be a member of the SIEM team and responsible for:

  • Validate, generate reports on, and resolve logging inactivity by notifying and working with the point of contact
  • Discover and remediate logging inconsistencies (SIEM) such as inconsistent timestamps, inconsistent log levels, etc.
  • Manage, configure, and clean up the Syslog relay configuration
    1. Act as the point person to validate that logs are received on the relay
    2. Set up applicable mutual authentication with TLS 1.2 between data sources and relays
    3. Capture log samples
    4. Validate that in-scope logs contain the required fields to build parsers in SIEM/UBA
    5. Validate the relay configuration to confirm that SIEM and UBA are receiving messages
  • Review existing correlation rules and recommend updates if required
  • Recommend new correlation rules
  • Assist in creating custom parsers.

Required Skills

  • 3-5 years working in the Security Logging and Monitoring space
  • 2-4 years of SIEM administration experience
  • Network security monitoring experience
  • Knowledge of various log formats from: network infrastructure, server, web applications, databases, etc.
  • Knowledge of Syslog Relay and Windows Event Forwarder
  • Knowledge of VPNs, firewalls, routing/switching, databases, web applications, etc.
  • Linux and Windows System administration experience
  • Scripting languages such as Python, PowerShell, etc.

 

Preferred Skills

  • McAfee SIEM administration experience
  • Knowledge of how McAfee SIEM parses, aggregates, normalizes, correlates, and alerts
  • Syslog NG Relay and/or WEF

 

Posted By

Dhivya Tamilarasu

Charlotte, NC

Dice Id : 10397549
Position Id : MASIEM-RYNRGA