Security Tools Engineer

SSO, SSL, Security Operations, SMTP, Netskope, Splunk deployment/configuration
Contract W2, 6 Months
Depends On Experience
Travel not required

Job Description

Job Title: Security Tools Engineer #352804
Location: San Jose, CA / San Diego, CA (Hybrid)
Duration: 6+ Months

Responsibilities:
• Manage daily functions of SSI Security Operations while protecting the integrity, confidentiality and availability of SSI information technology resources.
• Deploy, administer and configure security tools (SIEM, CASB, EDR, DLP, Vulnerability Management, etc.).
• Create standard procedures/runbooks for managing and maintaining the various security controls currently in place at SSI.
• Perform maintenance and regular health checks of the security tools and keep them functional for Cyber Security Operations.
• Assist with incident response procedures and processes, including identifying and establishing the appropriate escalation/communication chain.
• Assist and provide support in forensic investigations to root-cause security incidents/breaches and carry out effective remediation activities.
• Analyze system and firewall logs to assist with security analysis and threats.
• Work closely with the Cybersecurity team in instituting an effective Threat & Vulnerability Management program.
• Assist in reviewing existing security controls and help identify security risks.
• Work closely with the Cybersecurity team in recommending effective security controls to mitigate and minimize security risks.
• Create and maintain security tools dashboards.


Must Have:
Netskope and Splunk deployment/configuration Experience

Required Skills:
• 4-6 years of experience directly related to information technology security in a medium to large enterprise. This experience should include active participation in security programs and processes that have contributed to the development and administration of an organization-wide IT security architecture.
• Knowledge of networking and protocols such as SSL, HTTP, DNS and SMTP
• Working across teams to implement security controls throughout the company.
• Deploying POCs and Pilots as needed, working with multiple enterprise teams to obtain testers to validate assumptions and operation of controls prior to wide scale deployment.
• Ensuring proper documentation of existing configuration, procedures, and guidelines.
• Proven experience performing system administration, deployment and maintenance of security controls such as SIEM, DLP, EDR, CASB, SOAR, SSO and others.
• Experience deploying, migrating to, and/or supporting cloud network security (SASE/CASB) products such as Netskope, iBoss, Zscaler or Palo Alto.
• Demonstrated experience using Splunk Search Processing Language to create queries, set alerts, identify event conditions, and build dashboards.
• Installing, configuring, and deploying Splunk infrastructure, to include search heads, indexers, forwarders, and other Splunk components
• Splunk account creation and role-based access control
• Monitor and maintain Splunk performance, availability, and capacity.
• Grow and improve the enterprise Splunk environment to a mature implementation by creating forwarder apps to ingest data feeds
• Develop reliable, efficient, and re-usable queries that will feed custom alerts and dashboards
• Assist users in accessing and identifying relevant audit logs, both for troubleshooting and cybersecurity compliance purposes
• Configuring dashboards to facilitate audit log analysis, and configuring rules for use cases
• Act as the Splunk liaison for Splunk technical questions, issues or escalations. This will include working with Splunk Support, Product Management or others as needed.
• Administration of the servers on which Splunk infrastructure is deployed is not a direct responsibility, but the successful candidate must be familiar enough with both Splunk and server administration to participate in server troubleshooting affecting Splunk performance.
• Must be familiar with a wide range of security technologies including, but not limited to: SIEM, CASB, IDS/IPS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, application firewalls, vulnerability scanners, LDAP, forensics software, SSO, SOAR, Privileged Access Management and security incident response.
• Excellent communication skills, with the ability to write documents ranging from formal and informal reports to system documentation and training materials.
• The demonstrated ability to work effectively in a collaborative team environment or as an individual contributor.


Thanks & Regards

Amardeep Paul

Dice Id : xorca001
Position Id : 411520
Originally Posted : 6 years ago