Security Engineer - Philadelphia, PA - Georgia IT Inc.
Philadelphia, PA
About the Job
Security Engineer
Location: Philadelphia, PA
Position Type: Contract
Rate: DOE
USC, GC, EAD and H1B are preferred
Core Responsibilities:
- Support and maintain the SIEM infrastructure inclusive of the OS, application software, appliances, and databases
- Provide and support requirements for system health monitoring, remediation, event log collection and analysis
- Perform deployment, testing, and validation of infrastructure enhancements and system components
- Provide actionable and proactive engineering plans to management to support ever increasing availability, capacity, and capability requirements of the SIEM
- Work with operational teams to develop and improve monitoring solutions, plan and schedule maintenance, and implement changes
- Develop standards and procedures for managing, monitoring, and updating systems and applications
- Review log source onboarding; gather and document use case requirements
- Understand log source parsing needs and methods
- Develop correlation rules based on identified requirements
- Tune existing rules to improve detection capabilities and reduce false positives
- Periodically evaluate SIEM content to improve processes and capabilities
- Communicate the status of ongoing work and key initiatives, and walk through complex designs and architecture
- Work under immediate supervision; typically reports to a supervisor or manager
Requirements:
- Experience in building and managing SIEM use cases and content driven from customer requirements
- Experience in log formats and source data for SIEM analysis
- Experience in deploying systems and applications, monitoring, ETL, and configuration management
- Knowledge of SIEM platforms (e.g., ArcSight, Splunk, LogRhythm, QRadar, etc.) and concepts:
- Logging - Parsing, Normalization, Aggregation, Filtering and Enrichment
- Events - Correlation, Alerting, and Monitoring via Reports, Dashboards, & Active Channels
- Health - Monitoring of the various aspects of the SIEM environment: application, hardware, and event flow
- Experience with IT Operations Environment and Incident Response
- Strong communication skills: an understanding of the value of good documentation, the ability to describe complex systems in simple language, and the ability to raise concerns about design and architecture along with appropriate solutions
- Proactive in engaging with stakeholders for effective use case requirement gathering
- Proven ability to excel both in a team and individually in a dynamic environment while still meeting deadlines
- Bachelor's degree in computer science or similar
- Requires 5+ years of experience in the field or in a related area
- Preferred Certification(s): CISSP
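The concepts listed above (parsing, normalization, enrichment, correlation, and rule tuning) in miniature, as an added example that is not part of this posting or of any vendor's product: a small Python pipeline that parses constructed sshd syslog lines into a normalized schema, enriches them with a constructed asset-criticality table, and runs one correlation rule (repeated failures followed by a success from the same source) with a tunable threshold and an allowlist for suppression. The log lines, host names, IP addresses, asset table, and allowlist are all constructed for illustration.

```python
"""Added example (not from the posting): a minimal SIEM content pipeline
showing parse -> normalize -> enrich -> correlate, with a tunable rule.
All sample data below is constructed for illustration."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: syslog-style sshd messages from two hosts.
SAMPLE_LOGS = [
    "Mar 10 09:12:01 web01 sshd[4410]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2",
    "Mar 10 09:12:03 web01 sshd[4410]: Failed password for root from 203.0.113.7 port 51023 ssh2",
    "Mar 10 09:12:06 web01 sshd[4411]: Failed password for root from 203.0.113.7 port 51024 ssh2",
    "Mar 10 09:12:09 web01 sshd[4411]: Failed password for root from 203.0.113.7 port 51025 ssh2",
    "Mar 10 09:12:40 web01 sshd[4412]: Accepted password for root from 203.0.113.7 port 51030 ssh2",
    "Mar 10 09:15:00 db01 sshd[2201]: Failed password for dba from 198.51.100.9 port 40001 ssh2",
    "Mar 10 09:15:30 db01 sshd[2202]: Accepted publickey for dba from 198.51.100.9 port 40002 ssh2",
]

# Constructed enrichment data: asset criticality per host and an allowlist of
# sources (e.g. an approved scanner) whose activity the rule should suppress.
ASSETS = {"web01": "medium", "db01": "high"}
ALLOWLISTED_SOURCES = {"198.51.100.9"}

# Parser for the sshd "Accepted/Failed <method> for [invalid user] <user> from <ip>" form.
SSHD_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src_ip>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse(line, year=2024):
    """Parse one sshd syslog line into a normalized event dict; None if it does not match.
    Syslog omits the year, so the caller supplies it (assumed here)."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {
        "ts": ts,
        "host": m["host"],
        "user": m["user"],
        "src_ip": m["src_ip"],
        "action": "authentication",
        "outcome": "success" if m["outcome"] == "Accepted" else "failure",
        "method": m["method"],
    }


def enrich(event):
    """Add context the rule and the analyst need: asset criticality and allowlist status."""
    event["asset_criticality"] = ASSETS.get(event["host"], "unknown")
    event["src_allowlisted"] = event["src_ip"] in ALLOWLISTED_SOURCES
    return event


def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Rule: at least `threshold` failures from one src_ip against one host, followed
    by a success from that src_ip on that host within `window`. `threshold` and
    `window` are the tuning knobs; allowlisted sources are suppressed."""
    failures = defaultdict(list)  # (src_ip, host) -> failure timestamps
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["src_ip"], ev["host"])
        if ev["outcome"] == "failure":
            failures[key].append(ev["ts"])
        elif ev["outcome"] == "success":
            recent = [t for t in failures[key] if ev["ts"] - t <= window]
            if len(recent) >= threshold and not ev["src_allowlisted"]:
                alerts.append({
                    "rule": "brute_force_then_success",
                    "host": ev["host"],
                    "src_ip": ev["src_ip"],
                    "user": ev["user"],
                    "failure_count": len(recent),
                    "asset_criticality": ev["asset_criticality"],
                    "ts": ev["ts"],
                })
    return alerts


def run(lines, **rule_kwargs):
    """Full pipeline: parse (dropping unparsed lines), enrich, correlate."""
    events = [enrich(e) for e in (parse(line) for line in lines) if e]
    return correlate(events, **rule_kwargs)


if __name__ == "__main__":
    for alert in run(SAMPLE_LOGS):
        print(alert)
```

On the constructed input the rule fires once, for web01 (four failures then a success from 203.0.113.7); the single failure on db01 is below the threshold and its source is allowlisted anyway. Raising `threshold` to 5 silences the alert, which is the kind of tuning decision the posting's "tune existing rules" item refers to; in a real deployment the same change would be made in the SIEM's rule editor rather than in code.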
Source: Georgia IT Inc.