Cyber-Security SIEM Engineer

Seven Seven Softwares, Alpharetta
- Support the current ArcSight solution and lead the effort to migrate detection rules to Splunk ES
- Migrate all ArcSight content to Splunk knowledge objects
- Work with engineering teams on field extractions and validation of logs
- Onboard and normalize log and reference data sources needed for analytics
- Create analytics in Splunk and Splunk Enterprise Security
- Improve and fine-tune analytics
- Create data dictionaries for log sources
- Provide operational support for production platforms through health monitoring and root-cause troubleshooting

Skills required

- 3+ years of SIEM experience
- Excellent knowledge of ArcSight ESM, creating rules, filters, and active lists
- Excellent knowledge of Splunk and ES (searching, reporting, alerting, dashboards, correlation searches)
- 3+ years of blue-team operational security experience within a SOC or MSSP
- 2+ years of software development experience related to the above
- Experience using SOAR platforms and Python scripts to automate incident response
- Experience creating and maintaining analytics for security use cases in Splunk and Splunk ES
- Experience analyzing data, developing alerts, and designing dashboards for security operations
- Comfortable with Unix and Windows CLI from
- Experience analyzing infrastructure and application log sources
- Knowledge of CIM and experience normalizing data to the Common Information Model
- Desired: experience writing automation scripts in Python
- Good understanding of regular expressions
- Familiarity with the SDLC and proven experience deploying software into a production environment
- Experience with streaming data using Rsyslog, Syslog-NG, NiFi and Kafka
- Splunk Certified Consultant / Splunk Certified Enterprise Security Certified Admin
- Ability to work in a globally distributed team
- Excellent written and verbal communication skills
- Passionate interest in cyber security
