Talent.com
SIEM Engineer

Apexon · Nashville, TN, United States
7 days ago
Job type
  • Full-time
Job description

Required Skills :

  • IBM QRadar SIEM; Nessus; Palo Alto EDR; Palo Alto XDR; SIEM; SOC / SIEM; use cases; Supporting:

Preferred Skills : Prior experience engaging with State agencies / employees as clients

Responsibilities :

  • Primary engineer managing the SIEM platform (IBM QRadar and / or Palo Alto XSIAM) and supporting delivery of Managed Security Services to a State Government client, providing timely, accurate, and planned completion and implementation of security services that must be available for 24x7x365 support.
  • Leads primary day-to-day SIEM interactions with the project team and State cybersecurity staff.
  • Manages platform health and performs upgrades, including managing deployed sensors and collectors.
  • Works with SOC analysts to tune alerts and use cases, including integrations with the client.
  • Previous hands-on QRadar engineering and configuration experience is required, as the system will be undergoing platform upgrades. Any Palo Alto XSIAM training
  • Adds new log sources to existing QRadar and / or XSIAM deployments; configures use cases, alerts, etc.
  • Performs QVM (QRadar Vulnerability Manager) scans.
  • Conducts Nessus SCSEM (IRS Safeguards Computer Security Evaluation Matrix) scans.
  • Triages scan findings, publishes results, and fine-tunes alerts.
  • Ensure software is developed to meet functional, non-functional, and compliance requirements.
  • Code solutions and perform unit testing.
  • Ensure the solution can be integrated successfully into the overall application / system with clear, robust, and well-tested interfaces.
  • Perform troubleshooting, work through complex requirements / solutions, and provide assistance / coaching with the creation of QRadar search queries and dashboards.
  • Provide engineering and administration in supporting complex and large Splunk environments consisting of search heads, indexers, deployment servers, heavy / universal forwarders, etc.
  • Review and architect scalable, well-organized frameworks for security automation and orchestration, and for pre-investigation analysis and triage of alerts from sources such as detection pipelines, exploitable vulnerabilities, and reports.
  • Maintain a strong partnership with Detection & Response leadership and other teams in the Security Org.