Remote Security Jobs in Mesa az

Description

SAIC is seeking a Senior Cloud Security Engineer to perform Cloud Security Engineering and Administration duties for our team providing Cybersecurity services for a major state & local government customer located in Texas. This position reports to our Cybersecurity Operations Director and is a member of the 24x7x365 security operations (SecOps) team. This specialist will have two primary categories of responsibilities : 1.) Being a technical leader in Azure Portal, Sentinel SIEM engineering, and associated tasks, and 2.) Supporting the incident response function. During your tenure, you will take ownership of the technical aspects of running and maintaining a SIEM, such as getting data in, authoring and tuning correlation rules, developing and maintaining PowerBI dashboards and reports, ensuring endpoints that are expected to send their logs are actually doing so, and other similar activities. You will also provide consultative advice and recommendations in support of these tasks, as well as coach, guide, and mentor less experienced cloud security specialists. Your backup / supporting responsibility will be incident response, including how to prepare, detect, respond / contain, mitigate / eradicate, report on, recover from, remediate, and learn from cybersecurity events and incidents in the enterprise. This includes authoring, modifying, and maintaining our internal SOC playbook and associated procedures, as well as have rotating on-call responsibilities.

This position is 100% remote.

Primary job responsibilities include :

• Azure Portal Engineering and Administration :

o User administration

o License administration

o VM administration

o Virtual network administration

o Analytics rule development, administration, troubleshooting, support

o Syslog and Logstash troubleshooting, support, and administration

o NXLOG and Microsoft agent support and troubleshooting

o Manage multiple Azure resources in support of the SIEM, such as storage blobs, key vaults, containers, etc.

o PowerBI Dashboard creation for disparate customers

o Server migrations to incorporate high-availability

o Other future project work

o Utilize knowledge, skills, and abilities to automate a variety of tasks as it relates to threat intelligence, incident detection / response, EnCase anomaly and IOC scanning, and other activities.

o Develop and maintain Azure Logic Apps to perform data acquisition, transformation, storage, and / or transmission

o Configure and maintain API connectivity and integrations with supporting tools such as ServiceNow, and security tools

o Develop and maintain Azure data factory pipelines

o Configure, monitor, and manage EnCase anomaly and IOC scans

o Perform Sentinel log searches in support of incident detection and response activities

o Provide coaching and guidance for more junior SOC personnel

Qualifications

Required :

Preferred :

What we will provide :

What we expect from you :

Target salary range : $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy : SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.