Job Description

Role Title: SIEM Engineer

Location- Remote

Duration: Full-time with Apexon

Required Skills

• IBM QRadar SIEM
• Nessus
• Palo Alto EDR
• Palo Alto XDR
• SIEM
• SOC/SIEM
• Use cases
• Supporting
• Palo Alto XSIAM
• Cribl

Preferred Skills

• Prior experience engaging with State agencies/employees as clients

Responsibilities

• Primary engineer managing SIEM platform with IBM QRadar and/or Palo Alto XSIAM and supporting delivery for Managed Security Services to a State Government client to provide timely, accurate, planned completion and implementation of security services, which must be available for 24x7x365 support.
• Leads primary day-to-day SIEM interactions with project team and State cybersecurity staff. Manages platform health, performs upgrades, including managing deployed sensors and collectors. Interacts with SOC analysts to tune alerts and use cases, to include integrations with client.
• Previous hands-on QRadar engineering and configuration experience required as system will be undergoing platform upgrades. Any Palo Alto XSIAM training
• Adding new log sources to existing QRadar and/or XSIAM, configure use cases, alerts, etc.
• Perform QVM scans
• Conduct Nessus SCSEM scans
• Triage scan finds, publish results, fine tune alerts
• Ensure software is developed to meet functional, non-functional, and compliance requirements.
• Code solutions and perform unit testing.
• Ensure the solution can be integrated successfully into the overall application/system with clear, robust, and well-tested interfaces.
• Perform troubleshooting, work through complex requirements/solutions, and provide assistance/coaching with the creation of QRadar search queries and dashboards.
• Provide engineering and administration in supporting complex and large Splunk environments consisting of search heads, indexers, deployment servers, heavy/universal forwarders, etc.
• Review and architect scalable and organized frameworks for security automation and orchestration and pre-investigation analysis and triage of alerts from various sources like detection pipelines, exploitable vulnerabilities and reports.
• Maintain strong partnership with Detection & Response leadership and other teams in Security Org.

Job Tags

Similar Jobs