INFORMATION SECURITY ENGINEER

Information Security Engineer

The SIEM Engineerserves in a technical capacityin all aspects of onboarding log sources to the Splunk Enterprise Security. Log Source onboarding includes coordinating security and audit log data ingestion, parsing the data, making it CIM compliant, development, tuning and validation of Use Cases and dashboards. The SIEM is the repository for the collection, storage and correlation event data across the enterprise. This function includes documenting log source on boarding requirements, performing log on boarding configuration and development/validation of security monitoring Use-Cases. Additional functions include analyzing, assessing and documenting system configuration settings against established requirements for commonly used IT platforms.

Develop monitoring Use-Cases as requiredby logging and monitoring ongoing operation.
Research, analyzeand understand log sources utilizedfor the purposeof security monitoring, particularly security and networking devices.
Develop and provide system configuration and log onboarding requirements to system owners.
Collaborate with other teams to documentand implement logging and monitoring capabilities to meet established requirements.
Support projecttracking by maintaining relevant log on boarding metricsand other relevantcriteria.
Actsas influencer of peers and management.
Acts as resource for incident responserelated activities and collaborates with technical teamsfor security incident remediation and communication.
Allocates and prioritizes securityresources efficiently within the organization.
Analyzes and implements securitysolutions to meet customer requirements.
Conducts proof of concepts,vendor comparisons and recommend solutions in line with business requirements.
Conducts risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems.
Conducts securityresearch on threatsand remediation methods.
Contributes to strategic planningto evaluate, deploy or updatesecurity technologies.
Creates processimprovement by identifying inefficiencies and solutionsfor process improvements.
Develops and maintains a set of operational and forward-looking securitymetrics.
Guides and confirms that the designhas been implemented as per the requirements.
Interacts with partners as needed to explain work product, securitytechniques, methodology and results to ensure appropriate business value.
Oversees daily monitoring of security reportsto identify issues and followthese issues to
Prepares systemsecurity reports by collecting, analyzing, and summarizing data and trends;presents reporting for management review.
Promotes cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting.
Provides direction and acts as an escalation point on projectsand issues to other team members
Provides technicalsecurity consulting supportto address complexbusiness and technology projects and requests
Updates job knowledge by tracking and understanding emergingsecurity practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
Writes clear implementation guidelines for the implementation engineers
Acts as a subjectmatter expert (SME) while providing leadership, guidance,and mentorship to other team members
Ability to communicate concisely, effectively and directlyto executive management
Ability to work cooperatively in a team environment
Demonstrated presentation development; tailors messageas needed; comfortable presenting to all levels; strong writing skills; demonstrates creativity in articulating messages that support recommendations
Exceptional organizational skills and attention to detail
Experience planning,researching and developing security strategies, standards, and procedures
Knowledge of risk assessment tools, technologies, and methods
Proven ability to understand and analyze complex issues, then apply experience and judgment to develop sound recommendations especially as related to malware, eDiscovery, current threats/attacks and/or vulnerability management
Proven relationship building skills working with mid to senior level management and cross- functional teams; understands risks;additional focus on leadership; stronginterpersonal skills; delivers precise, accurate results to meet commitments; mentors other team members
Strong understanding of security, incident response and/or networking/PC concepts
Bachelor's degreein computer scienceand/or equivalent major,OR equivalent workingexperience
5 years relevantwork experience
Experience in IT Security
Experience with Splunk SPL, Splunk ES and integration to leading security tools such as Cisco ISE, Cisco Prime, ThreatMetrix, Oracle Directory Services, Oracle/SQL/DB2 databases, Varonis, CyberArk, Linux and Microsoft ATA.
Experience with enterprise securityprojects
Strong knowledge of PCI, SOX, ISO and NIST securitystandards
Experience onboarding data sources
Oneor more certifications: CISSP, CISA, CISM, ISO2700, SplunkPower User