Negotiable
Undetermined
Remote
Remote
Summary: Seeking a SIEM Engineer to enhance the Cybersecurity Ops SIEM Engineering team, focusing on onboarding various log sources to a Splunk-based SIEM. The role involves coordinating with multiple teams and requires a strong background in information security, particularly in configuring and integrating security logs. The candidate will assist in migrating to a Splunk Cloud environment, necessitating experience with log source configuration and validation. Effective communication and documentation skills are essential for tracking and reporting efforts throughout the migration process.
Key Responsibilities:
- Assist in the onboarding of log sources to Splunk-based SIEM.
- Coordinate Change tickets and validate/document changes.
- Support the migration to Splunk Cloud, including configuration of log sources.
- Communicate project status and deadlines across teams.
- Document SIEM integration processes and procedures.
Key Skills:
- 5-7 years of experience in information security.
- Configuration of security logs from multiple sources.
- Understanding of firewall and network concepts.
- Experience with Splunk (advanced) and CRIBL (basic).
- Familiarity with general IT technologies (Windows, Red Hat Linux, AWS).
- Proficient in JIRA, ServiceNow, Confluence, and GitHub.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Hello,
I have the exclusive position below with my client. Please let me know your interest so that we can move ahead with the next steps.
Job Details:
Job Title: SIEM Engineer
Location: 100% Remote
Duration: 06+ Months
Job Summary
Seeking a candidate to help grow and improve their Cybersecurity Ops SIEM Engineering team. The team handles the end-to-end process of onboarding a variety of log sources to the Splunk-based SIEM. This function interfaces with many different teams and requires both a wide and deep understanding of several information technology and cybersecurity concepts and how they function and apply to a corporate enterprise environment. The candidate should have an established background in information security and experience with both the configuration and integration of security logs into Splunk in a medium to large organization.
The candidate will be assisting the US Cybersecurity Engineering Team in the organization's migration to Splunk Cloud. This entails configuring existing log sources using Splunk Universal Forwarder agents and re-configuring legacy syslog-based sources to point to newly deployed CRIBL ingestion layers. This involves coordinating Change tickets, validating and documenting changes, and tracking and reporting efforts.
The candidate will be assisting in the organization's migration to a Splunk Cloud environment, which requires experience in a multitude of concepts:
- 5-7 years of experience
- Configuration of Security logs on multiple sources
- Understanding of Firewall and Network concepts
- Validation of Security logs in Splunk SIEM/CRIBL
- Recognizing and identifying issues and developing creative problem-solving solutions
- Designing, implementing, and executing testing procedures and documentation/reporting
- Communicating effectively across several different teams and entities
- Effective communication as to the status of weekly, monthly, and quarterly project deadlines and deliverables
- Effective, precise, and detailed documentation in regard to the SIEM integration of log sources
The candidate should have experience with the following tools:
- Splunk (Advanced user-level) and CRIBL (basic)
- General IT technologies (Windows, Red Hat Linux, Firewalls, Proxy, Databases, AWS (intermediate))
- JIRA (or any agile based platform)
- ServiceNow
- Confluence
- GitHub collaboration experience