SIEM Consultant

Columbus, GA 31909

Posted: 02/09/2021 Employment Type: Contract Category: Security Engineer Job Number: 54971

Job Description


SIEM Consultant

 
  • Develop correlation rules and playbooks within Splunk, UBA, and Phantom SOAR Platforms to meet the overall objectives.
  • Develop SIEM, UBA, and Orchestration automation to process events for threat identification and alert generation in a shared environment.
  • In conjunction with Threat Hunting and Threat Intelligence teams, analyze the signatures cyber attackers leave behind throughout a network and develop SIEM rules to detect future intrusions.
  • Conduct open ended analysis of large data sets in order to find network activity baselines as well as abnormalities.
  • Research and deconstruct cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs.
  • Conduct research in security principles, host- and network-based security technologies, machine learning algorithms, and attack and mitigation methods.
  • Test rules in a lab environment using penetration testing tools.
  • Clearly and effectively document your work to inform multiple audiences of how to use your work.
  • Develop and mature strategic enterprise logging policies to conform to financial sector compliance requirements.
  • Work directly with affiliates and internal business partners to gather initial monitoring requirements for integration into security monitoring platforms.
  • Work on multiple projects concurrently, monitor the status of tasks and escalate issues when appropriate for integration.
  • Identify gaps in efforts to mitigate and assess compliance areas
Apply Online
Apply with LinkedIn Apply with Facebook Apply with Twitter

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.