CYBERSECURITY ENGINEER.
IRVING, TX
Job Description
Cybersecurity Engineer assesses, formulates, and executes tasks related to SIEM, IDS/IPS, Privileged Account Management, Certificate Lifecycle Management, WAF, NDR, CI/CD, AIP, EDR, HSM, Threat Analytics, and other cybersecurity tools.
Partners with Cyber operations, IAM, Cyber Architecture, Network Services, DEVOPS, Risk Governance, and the business to deliver initiatives within established milestones and budget.
Assists the Cybersecurity Engineering Team with an array of security engineering duties.
Position is hybrid, 40% onsite in the Irving, TX office.
Top 3 skills: Experience in Elastic end-to-end administration, syslog server administration, SIEM technologies (ex: Devo
Mandatory Skills
Bachelor’s degree in Information Technology, Cybersecurity, or related field.
Minimum 3-5 years of experience in IT Security or Information Technology.
Possess experience working in a SIEM at the enterprise level.
Experience with tools like Google Chronicle, Devo, or Elasticsearch.
Collaborate with diverse IT and business stakeholders to design and maintain production-quality log management/SIEM reports, facilitating data analysis and visualization.
Experience with SIEM integration in cloud environments such as AWS, Azure, or GCP; ability to secure cloud-native workloads and monitor cloud infrastructure using SIEM tools.
Experience in scripting languages such as Python, PowerShell, or Bash, with strong knowledge of regular expressions, allowing for the development of automation scripts and playbooks to streamline SIEM operations and enhance efficiency.
Experience in designing and developing REST APIs, demonstrating the ability to create robust and scalable solutions that effectively communicate and interact with other systems and applications.
Experience working with syslog servers: proficiency in configuring, fine-tuning, and maintaining syslog-ng or rsyslog, and the ability to troubleshoot and promptly resolve issues related to syslog systems, ensuring the reliable collection, processing, and storage of log data.
Experience authoring security runbooks, policy and best practice documentation and implementing SOAR platforms.
Develop and maintain comprehensive documentation pertaining to log management/SIEM infrastructure configuration and operational processes.
Possess advanced system administration skills, particularly with Linux operating systems.
Understanding of the tactics, techniques, and procedures associated with cyber threats, and the ability to develop relevant alerting, countermeasures, and threat hunting techniques.
Exhibit a strong work ethic and excellent discretion and judgement.