Lead Security Analytics & Automation Engineer

McKesson
Irving, TX
428d
$139,000 - $231,600

About The Position

The Lead Security Analytics & Automation Engineer at McKesson will play a crucial role in the global Cybersecurity team, focusing on delivering actionable insights through security analytics platforms. This position requires expertise in Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) technologies, ensuring their architecture, operation, and support within a highly available and distributed computing environment.

Requirements

  • 5-7 years of professional work experience in a relevant field.
  • BS/BA degree or equivalent experience.
  • 3-5 years of IT experience in a technical position as an engineer, architect, or system administrator within a large-scale mission-critical enterprise environment.
  • 3+ years of direct hands-on experience in administration or support of SIEM solutions.
  • Experience deploying, configuring, and maintaining a SIEM at scale.
  • Experience writing complex queries for dashboards, reports, and applications.
  • Experience automating repetitive operations with scripting languages.
  • Working knowledge of enterprise architecture and infrastructure components.
  • Experience working in an Agile environment using Scrum or Kanban methods.
  • Team-oriented with strong communication and interpersonal skills.
  • Ability to manage all aspects of large-scale projects including planning, prioritizing, executing, delivering, and sustaining.

Nice To Haves

  • Experience creating security detections for Splunk Enterprise Security or other correlation tools.
  • Proficiency with Linux platforms, including shell scripting (Red Hat preferred).
  • Experience with cloud platforms such as Microsoft Azure and Google Cloud Platform.
  • Experience with additional logging/data broker ETL technologies such as Kafka or Cribl.
  • Certified Splunk Power User or Administrator, CISSP certification preferred.
  • Working knowledge of machine learning and UEBA concepts.

Responsibilities

  • Design, implement, and support SIEM and SOAR solutions for a global organization.
  • Perform SIEM component configuration and troubleshooting across various platforms, both on-premises and in public clouds.
  • Integrate data sources into SIEM from on-premises and cloud-deployed devices and applications.
  • Develop SIEM content and support other content developers using expert knowledge.
  • Monitor internal data sources to identify and resolve potential performance issues.
  • Automate frequently used processes and workflows with SOAR technologies.
  • Maintain technical documentation and design documents related to system configurations, processes, and operational procedures.

Benefits

  • Competitive compensation package including base pay and potential bonuses.
  • Annual bonus or long-term incentive opportunities.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Merchant Wholesalers, Nondurable Goods

Education Level

Bachelor's degree

Number of Employees

1-10 employees

© 2024 Teal Labs, Inc