Security Engineer, LogRhythm
A Security Engineer is a technology specialist. The focus is SIEM technologies and administration of those technologies. The Security Engineer works closely with the Technical Service Lead to provide support and assistance. Most work is scheduled and delivered in a given time frame. The Security Engineer will also have excellent working relationships with customer and HG team members and will be active within his/her technologies.
The Security Engineer is responsible for working with the customer and the HG Team at multiple levels in order to identify and align business and IT objectives, discover security or operational pain points, offer recommendations, and recognize current and future IT security needs.
- Communicate effectively orally and in writing and establish a cooperative working relationship with persons contacted in the course of performing assigned duties.
- Deal with SIEM infrastructure, deployment failures and reconfigurations
- Execute highly technical changes, change windows, and client requests
- Schedule and run normal/standard changes (Signature Updates, Security Patches, Major Software Releases, Deploy Apps & Add-on)
- Perform system health checks using automation as well as manual checks
- Perform periodic configuration backup and admin password rotation as per compliance policy.
- Ensure the completion of tasks and update tickets with SLA (Service Level Agreement)
- Utilize tools and analytical skills to investigate root cause of issues across the technologies
- Document the investigation and provide solution recommendations
- Improve upon existing policies and configurations of client technologies
- Provide mentorship and guidance to Tier-I and Tier-II SOC analysts regarding SIEM technologies
- Provide major component infrastructure support, deal with SIEM system failures or reconfigurations, and open and follow up on tickets with 3rd party vendors
- Maintain current knowledge on industry issues/trends and competitive products
Desired Skills and Experience
- College Diploma or University Degree in Information Security, or relevant up-to-date security certificates and/or equivalent work experience
- Holds certifications of security technologies or network technologies
- Minimum 3 years’ experience in IT security field
- Strong understanding of IT Security concepts, best practices, and market direction
- Have experience in security/operational network architecture design
- Must have proficient knowledge and experience with SIEM technologies
- Strong troubleshooting, reasoning and problem-solving skills
- Excellent communications skills
- Exceptional time management and organizational skills
- A positive and constructive-minded team player
The following will be considered an asset:
- Holds certifications such as Security+
- Holds certifications in Splunk (Admin), QRadar, McAfee ESM, RSA NetWitness, Sumo Logic, LogRhythm and Exabeam
- Security threat and attack countermeasures
- Ability to conduct forensic analytical studies and investigations