Cyber Security Engineer
Brooksource
Lansing, MI, United States
Full-time
Job Description: As a Security Engineer specializing in SIEM (Security Information and Event Management) and Splunk, you will play a crucial role in safeguarding our organization's digital assets and ensuring the integrity of our IT infrastructure.
Your primary responsibilities will revolve around managing and optimizing our SIEM platform, with a strong focus on Splunk.
Additionally, your expertise in infrastructure management will be highly valued as you collaborate with cross-functional teams to enhance data ingestion processes and strengthen our overall security posture.
Responsibilities:
- Configure, deploy, and maintain our SIEM platform, with a focus on Splunk, to effectively monitor and analyze security events.
- Develop and optimize SIEM correlation rules and alerts to identify and mitigate security threats in real time.
- Collaborate with IT and security teams to design and implement data ingestion pipelines, leveraging your infrastructure experience to ensure efficient and scalable processes.
- Conduct regular reviews and assessments of SIEM/Splunk configurations to ensure alignment with security best practices and regulatory requirements.
- Investigate and respond to security incidents, performing in-depth analysis of logs and alerts to identify root causes and recommend remediation actions.
- Act as a subject matter expert on SIEM/Splunk-related matters, providing guidance and training to junior team members and other stakeholders.
- Stay current with industry trends and emerging technologies in SIEM and security analytics, continuously seeking opportunities to enhance our security capabilities.
Qualifications:
- Proven experience working with SIEM platforms, particularly Splunk, in a security engineering capacity.
- Strong understanding of IT infrastructure components (e.g., networks, servers, databases) and experience with infrastructure management.
- Excellent communication and interpersonal skills, with the ability to effectively convey complex technical concepts to non-technical stakeholders.
- Relevant certifications such as Splunk Certified Power User or Splunk Certified Admin are highly desirable.
- Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data manipulation is a plus.
- Ability to work independently and collaboratively in a fast-paced environment, prioritizing tasks effectively to meet deadlines and deliver results.
30+ days ago