SIEM Engineer

About The Position

Requirements

• Experience with IBM QRadar SIEM.
• Experience with Nessus.
• Experience with Palo Alto EDR and XDR.
• Experience in SOC/SIEM environments.
• Ability to create and manage use cases.

Nice To Haves

• Prior experience engaging with State agencies/employees as clients.

Responsibilities

• Manage SIEM platform with IBM QRadar and/or Palo Alto XSIAM.
• Support delivery for Managed Security Services to a State Government client.
• Lead day-to-day SIEM interactions with project team and State cybersecurity staff.
• Manage platform health and perform upgrades.
• Interact with SOC analysts to tune alerts and use cases.
• Add new log sources to existing QRadar and/or XSIAM.
• Configure use cases, alerts, etc.
• Perform QVM scans.
• Conduct Nessus SCSEM scans.
• Triage scan findings and publish results.
• Fine-tune alerts.
• Ensure software meets functional, non-functional, and compliance requirements.
• Code solutions and perform unit testing.
• Ensure successful integration of solutions into overall application/system.
• Perform troubleshooting and assist with QRadar search queries and dashboards.
• Provide engineering and administration support for complex Splunk environments.
• Review and architect frameworks for security automation and orchestration.
• Maintain strong partnership with Detection & Response leadership and other teams.