Senior SIEM Engineer - Exabeam

  • Full-time
  • Travel Required: 0 - 9%

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description

Who we are looking for:

Optiv, with our vendor partners, is pushing the envelope on the next generation of SIEM functionality. The Fusion SOC requires a SIEM platform on steroids. The NextGen SIEM, in addition to event and case management, provides advanced analytics as well as tools for orchestration and automation. We are looking for a highly motivated security practitioner and infrastructure specialist to manage the next generation SIEM platform. The role is a fusion of skills: security event analysis, ELK data structures, and fundamental tech platform management.

The NextGen SIEM Engineer role will provide the successful candidate a challenging and rewarding opportunity. You will be working with the latest advances around event management and analytics, as Optiv continues to bring advanced security operations to the market.

How you’ll make an impact:

  • Ensure the high availability and efficient operation of the NextGen SIEM, specifically Exabeam
    • Working with Advanced Analytics, IR and Data Lake tools
  • Manage the ingestion and health of event intelligence data flows
  • Create and fine-tune security event alerting use cases
  • Establish operating processes for advanced SIEM environments
  • Create best practices in this rapidly evolving area

Qualifications

The ideal candidate:

  • Enjoys working as part of a high-performance team
  • Is a passionate, modern security practitioner with knowledge across multiple cyber security domains and technology
  • Is experienced and interested in supporting and interfacing with clients
  • Understands, in detail, how the SIEM platform supports and enables the Security Event Analyst’s success
  • Enjoys working with advanced SQL data structures and queries
  • Has strong visualization and communication skills enabling translation of complex concepts into practical messaging
  • Has a thirst for knowledge and a methodical approach to creative problem solving
  • Is willing to obtain and maintain advanced platform-specific certifications

Competencies:

  • Incident response and threat eradication in enterprise environments
  • Real-world experience with modern security tools such as sandboxing technologies, EDR, SIEM, user behavior analytics, threat intelligence tools/platforms, and traffic analysis platforms
  • Experience with data analytics platforms
    • ElasticSearch / ELK Stack
    • Splunk
    • Hadoop/Nifi/etc.
  • Working knowledge of machine learning is a PLUS
  • Experience with cross-platform logging systems and log data forwarding solutions, including Syslog forwarding and facilities, Splunk forwarder, Windows event log, WEC/WEF, and log-appending services such as log4j, along with best practices for managing structured and unstructured event data
  • SQL database data management and reporting skills that include ability to write SQL database queries and ETL operations
  • Experience with Unix/Linux platform configuration, performance tuning, and OS internals
  • Experience with shell scripting, scripting languages such as Python, and job schedulers
  • Expected to build and maintain automation solutions for system administration and data management tasks
  • Excellent communication, writing, and interpersonal skills. This role requires engagement with teams across the Optiv tech community regarding data onboarding to the SIEM, dashboard building, governance, and will require the individual to maintain documentation

Desired Certifications/Degree:

  • Bachelor’s degree in Computer Science, Data Analytics, or a related area

Additional Information

Commitments:

  • The position has no supervisory component but the option to pursue a leadership career growth path is available

All your information will be kept confidential according to EEO guidelines.