Cyber-Security SIEM Engineer
Seven Seven Softwares Alpharetta
Responsibilities:
- Support the current ArcSight solution and lead the effort to migrate detection rules to Splunk Enterprise Security (ES).
- Migrate all ArcSight content to Splunk knowledge objects.
- Work with engineering teams on field extractions and validation of logs.
- Onboard and normalize the log and reference data sources needed for analytics.
- Create analytics in Splunk and Splunk Enterprise Security.
- Improve and fine-tune analytics.
- Create data dictionaries for log sources.
- Provide operational support for production platforms through health monitoring and root-cause troubleshooting.

Skills required:
- 3+ years of SIEM experience.
- Excellent knowledge of ArcSight ESM, including creating rules, filters, and active lists.
- Excellent knowledge of Splunk and Splunk ES (searching, reporting, alerting, dashboards, correlation searches).
- 3+ years of blue-team operational security experience within a SOC or MSSP.
- 2+ years of software development experience applied to the above.
- Experience using SOAR platforms and Python scripts to automate incident response.
- Experience creating and maintaining analytics for security use cases in Splunk and Splunk ES.
- Experience analyzing data, developing alerts, and designing dashboards for security operations.
- Comfortable with the Unix and Windows command line.
- Experience analyzing infrastructure and application log sources.
- Knowledge of the Common Information Model (CIM) and experience normalizing data to it.
- Desired: experience writing automation scripts in Python, and a good understanding of regular expressions.
- Familiarity with the SDLC and proven experience deploying software into a production environment.
- Experience with streaming data using rsyslog, syslog-ng, NiFi, and Kafka.
- Splunk Certified Consultant or Splunk Enterprise Security Certified Admin.
- Ability to work in a globally distributed team.
- Excellent written and verbal communication skills.
- Passionate interest in cyber security.