Salary Not Disclosed
1 Vacancy
Please Note: As of July 22, 2021, our team will require that all candidate submissions include a LinkedIn profile. Please do not submit any candidates that do not have a LinkedIn.
A client with Kforce is seeking a SIEM/SOAR Engineer to join their team. This is a mostly onsite position, with 1 day a week remote, working out of the Jersey City, NJ; Tampa, FL; or Tempe, AZ offices.
ilabor Jobs Details
Locals only/out of area/ remote
Must work onsite for 4 days and 1 day remotely out of either Jersey City, NJ // Tampa, FL // Tempe, AZ offices
Visa Restrictions
No sponsorship available if converted
Interview Type - video, phone, in person
Video
Anticipated Start in weeks
2
3-5 Must Haves:
**Preferred - CISSP, CISM, CISA, CEH
Summary:
We are seeking a highly motivated SIEM and SOAR Engineer as part of the Engineering team to design and implement cutting-edge technology to improve security posture. This person will work with other engineering team members to drive the engineering standards and implementation across the global deployment.
Responsibilities:
* Design and implement various engineering solutions by working with other stakeholders
* Leverage industry trends and market research to adopt the best practices to enhance the SIEM and SOAR platforms
* Define SIEM and SOAR platform standards including data schema modelling, normalization, monitoring and alerting
* Define standard patterns to integrate different systems into SIEM platforms
* Ability to develop different scripts and products RegEx for configuring policy to detect security alerts as per threat anomaly etc.
* Ability to conduct fraud analysis and threat detection
* Generate different types of reports using SIEM and SOAR data
* Identify opportunities to enhance the current baseline processes and configuration
* Produce engineering integration and process related documentation
* Manage vendor relationships to drive roadmap, solution design, implementation, and troubleshooting
* Work with key stakeholders of the services to ensure the expectations are meeting the requirements
Required Skills:
* Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications; equivalent work experience is equally preferable
* At least 5 years of experience in technology with emphasis on cyber security
* At least 3 years of experience in SIEM and SOAR products such as Splunk, Elastic, Datadog, Cribl, etc.
* At least 1 year of experience in Data Lake and data warehouse using products such as AWS S3, Snowflake, Databricks, etc.
* Experience with scripting is highly preferred, like Python, Ansible, etc.
* Experience in creating trending metrics and management reports; working knowledge in RegEx, Splunk search language, etc. is required
* Knowledge and experience operating in a hybrid-cloud environment
* Knowledge of modern security principles and their practical applications
* Knowledge and experience in AWS or Azure
* Knowledge and experience with programming language to automate tasks (e.g. Python or PowerShell)
* Experience with building and managing Security Data Lake and Data Warehouse
* Knowledge of various applications and systems that include servers, security platforms, middleware, clouds (SaaS, PaaS, and IaaS), containers, etc. to come up with the right approach of SIEM integration
* Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method, and implement the best cost-justified solution
* Ability to provide technical directions to other peer staff members and to train new staff on the security team
Preferred Certifications:
* Certified Information Systems Security Professional (CISSP)
* Certified Information Systems Manager (CISM)
* Certified Information System Auditor (CISA)
* Certified Ethical Hacker (CEH)
Basic Qualification :
Additional Skills :
Background Check : No
Drug Screen : No
Full-time