Job Description Who we are looking for:
SIEM Engineer, MSS to work in Optiv Security s 24x7x365 Security Operations Center as a member of the Managed Security Services (MSS) team. Responsible for creation of procedures, implementation of processes and solutions across internal and client environments. Experience with SIEM or Situational Awareness is necessary. The Security Engineer will work closely with Senior Security Engineers, Senior Engineers, Solution Architects, other Security Engineers and clients to complete high profile, critical services to existing Managed Security Service clients. (PREFERRED work locations: Elkridge MD, Roswell GA, Overland Park KS)
How you ll make an impact:
Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking through resolution.
Act as a point of escalation for other Engineers (Associate Engineer) and provide guidance and mentoring.
Advise best practice on SIEM and Enterprise Security products to both technical and relatively non-technical personnel.
Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies.
Implement and configure SIEM software and appliance-based products in large enterprise and Government environments.
Develop and maintain content and reporting.
Provide escalation support to Tier 1 and 2 for Authorized Support Customers, following processes and interacting appropriately with both customers and partners when required.
Perform knowledge transfers to clients regarding security and system configuration awareness. Qualifications Qualifications for success:
2-3 years professional experience maintaining SIEM or infrastructure systems in the Information Security field
2-3 years professional experience working in a technical team environment.
College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
Experience with various SIEM security products such as: ArcSight, QRadar, Nitro, Splunk, LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis.
Experience working with Internal and client Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures. (i. e. Jira, Confluence, etc.).
General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, or other security certifications).
Knowledge of Linux and Windows Operating Systems.
An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
Training and experience in one or more non-SIEM network security products to include: Enterprise endpoint security products, Network components such as Firewalls and Proxies to include Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva or other similar network security products.
CCNA, CCDA, CCSA, CCIE, CISSP, CEH, or MCSE.
Familiarity with DevOps
Professional experience working with networks and network architecture.
Additional Information All your information will be kept confidential according to EEO guidelines.