NOW HIRING: SIEM Engineer / System Admin – Tampa, FL
The SIEM Engineer is a client-facing role, responsible for administration, management, configuration, testing and integration of SIEM solutions to improve the security value, service management, and scalability for our clients. A working knowledge of SIEM, threat trends and vectors, and IT/IS architectural design are paramount. This individual will work under the supervision of a SIEM Architect and Practice Manager while partnering with the client to deliver robust SIEM solutions.
This function will work closely with the client to understand the current and target state of the SIEM and ensure effective and efficient incident identification, resolution and root-cause analysis are leveraged through productive implementation of the platform.
The most successful candidate will be a strong technologist with a practical mind and creativity. This candidate must be able to effectively collaborate with the client’s Information Security and IT/IS teams and ThetaPoint Architects to deliver optimal results for the client. In addition, the SIEM Engineer must be able to clearly and successfully communicate with a demonstrated understanding of business and technical requirements of the client.
- Align with client needs, threat trends, and operational performance to identify opportunities for improvement/enhancement of their security operations center and infrastructure.
- Partner with the client to evaluate existing log & data domains, SIEM processes and tools and effectiveness measures to identify critical elements, weaknesses and opportunities for improvement.
- Perform system administration for systems that run the SIEM and ancillary devices.
- Work independently and in concert with others to optimize SIEM solutions that have a measurable impact on security value, service management and client elation.
- Provide technical input to Management for new security solutions/approaches to meet the client’s needs.
- Collaborate with the client to ensure log/event sources are properly parsed and correctly correlated within the SIEM.
- Perform other duties as assigned.
- Role reports to SIEM Architect
- Client Facing role – this is a full-time onsite position (no teleworking available)
- Work closely with Client IT Security and IT/IS Functions in addition to ThetaPoint internal team
- This role does not have any direct reports
- 3+ years of security logging and monitoring engineering experience required
- 3+ years hands-on experience in engineering and supporting large-scale Splunk / Hadoop / ArcSight / QRadar or similar event logging / correlation solutions for large corporations is required
- 3+ years hands-on experience creating rules, alerts, content and reports within a complex SIEM environment.
- Familiarity with Cyber Kill Chain methodologies
- Excellent Unix / Linux skills required: installation, troubleshooting, patching, log review, etc.
- Familiarity with Windows WEF Framework
- Understanding of Network Firewalls, Load Balancers and Complex System Designs
- Basic troubleshooting and break fix experience with SIEM environments required
- Able to obtain CompTIA Security+ certification within first 90 days
- Good command of Python, Perl, SQL, Regex and Shell Scripting is preferred
- Experience installing and maintaining open-source log capture technologies such as Kafka, Zookeeper, Logstash, Syslog-NG, Snare, MSCOM, etc. is preferred
- Experience with Gitlab
- Excellent written and verbal communication skills
- Active professional security certifications (i.e. CISSP), open source project, security research or design/framework
- 1-2 years’ experience working with Incident Response handling or inside a Security Operations Center.
Environmental Job Requirements and Working Conditions
- Client site is located at MacDill Air Force Base, Florida
- All candidates must have an active DOD Top Secret Security Clearance and be SCI eligible
- Must successfully pass a criminal background check and drug screening
- Job requires travel approximately 0-5% of the time
- 1099 or Corp to Corp (C2C) Preferred; W2 for right candidate
If interested in this position at ThetaPoint, please apply online at: https://www.indeed.com/job/siem-engineer-system-admin-5248561e1b2fff0a
About ThetaPoint, Inc.
ThetaPoint is a leading provider of strategic consulting and managed security services. We help clients plan, build and run successful SIEM and Log Management platforms and work with the leading technology providers to properly align capabilities to clients' needs. Recognized for our unique technical experience, in addition to our ability to quickly solve complex customer challenges, ThetaPoint partners with some of the largest and most demanding clients in the commercial and public sector. For more information, visit www.theta-point.com or follow us on Twitter or LinkedIn.