Security Platform Administrator (SIEM/Tanium) at Softworld Inc
Greensboro, NC
About the Job
Job Title: Security Platform Administrator
Location: Greensboro NC 27408 REMOTE
Onsite Requirements:
- SIEM Tools experience
- Sentinel Tool
- Tanium
Job Description:
- The Security Operations team is looking for a Security Platform Administrator who will play a vital role in keeping the Client Global Enterprise safe from cyber-attacks.
- As the Security Platform Administrator, you will be part of a bigger machine working to protect the company from any malicious activity.
- This role requires you to work with others to strategize threat prevention, coordinate remediations, and contribute to process improvement.
How You Will Make a Difference:
- Provide 3rd level technical support for all assigned security platforms.
- Assist with management of SIEM solution using Microsoft Sentinel and QRadar to collect, correlate, and analyze security events and alerts.
- Key resource for SIEM log ingestion, creating and tuning SIEM rules, queries, and reports.
- Provide subject matter expertise and help maintain all assigned security platforms.
- Assist in creating and monitoring dashboards and logs for abnormal behaviors/intrusions.
- Utilize Tanium telemetry to promote automation efforts across the various functions within the Digital Technology organization.
- Lead efforts in creating and monitoring Tanium dashboards to drive environmental improvements.
- Perform and oversee daily administration tasks such as maintaining a version status for all deployed products and policies, including the staging and execution of minor platform upgrades.
- Recommend best practices and look for opportunities to improve processes while balancing operational and business risks.
Years of Related Professional Experience: 3+ years
Educational/Position Requirements:
Position Requirements:
- Ability to manage all aspects of SIEM solution. Experience in Sentinel is required, and QRoC is a plus.
- Experience or knowledge of Tanium is preferred.
- Knowledge of client and server operating systems (e.g., Windows, Mac, Linux)
- Knowledge or experience with PKI management (i.e., Cloud or On-prem) a plus
- Strong emphasis on Microsoft security suite preferred.
- Subject matter expertise working with Antivirus Software, Host-based firewall, Full Disk Encryption, Application Whitelisting, File Integrity Monitoring a plus.
- Knowledge of Email Security protocols including SMTP, SPF, DKIM, and DMARC a plus
- Working knowledge of SASE solutions and/or Zscaler a plus
- Knowledge of Enterprise Management Solutions such as Tanium a plus
- Participate in rotating on-call schedule for after-hours support as needed.
Educational Requirements:
- An associate or bachelor's degree in computer science, information systems, or another related field, or commensurate hands-on experience
- Cybersecurity or IT-related certifications (Security+, GSEC, CISSP, equivalent) are a plus.
Special Physical and/or Mental Requirements:
- Minimal travel requirements