Sr. SIEM & SOAR LEAD

Description :

Person should know CIAM, SIEM, Cyber security.Good presentation skillsKnowledge on Financial management of projectsCoordinate with the team for status reportsCreate executive presentationsLocated in Tampa, FL

Sr. SIEM & SOAR LEAD

Responsibilities :

Should have leadership experience to drive and manage the team

Manage the SIEM and SOAR technical roadmap by working with the engineering team and other stakeholders.

Able to conduct the Proof of Concept (POC) of product features and develop the solution as per business requirements.

Design and implement various engineering solutions by working with other stakeholders.

Leverage industry trends and market research to adopt the best practices to enhance the SIEM and SOAR platforms.

Experience with building and managing Security Data Lake and Data Warehouse.

Define SIEM and SOAR platform standards including data schema, modelling, normalization, monitoring and alerting.

Define standard patterns to integrate different systems into SIEM platforms

Ability to develop different scripts and products RegEx for configuring policy to detect security alerts as per threat, anomaly, etc.

Ability to conduct fraud analysis and threat detection.

Generate different types of reports using SIEM & SOAR data

Identify opportunities to enhance the current baseline processes and configuration

Produce engineering, integration and process related documentation.

Manage vendor relationships to drive roadmap, solution design, implementation and troubleshooting

Work with key stakeholders of the services to ensure the expectations are meeting the requirements

Knowledge of various applications and systems that include Servers, security platforms, middleware, Clouds (SaaS, PaaS and IaaS), Containers, etc. to come up with the right approach of SIEM integration

Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution

Ability to provide technical directions to other peer staff members, and to train new staff on the security team

Qualifications :

Should have leadership quality to drive the team.

At least 11+ years of experience in technology with emphasis on cyber security.

At least 5+ years of experience in SIEM and SOAR products such as Splunk, Elastic, Datadog, Cribl, etc.

At least 3+ years of experience in Data Lake and data warehouse using products such as AWS S3, Snowflake, Databricks, etc.

Subject matter expertise in SIEM and SOAR products such as Splunk, Elastic, Datadog, Phantom, Torq, etc.

Experience with scripting is highly preferred like Python, Ansible etc.

Experience in creating trending, metrics, and management reports

Experience working in complex and large-scale environments.

Familiar with industry security regulations and frameworks (MITRE Attack Framework, CIS, etc.)

Working knowledge in RegEx, Splunk search language, etc. is required.

Knowledge and experience operating in hybrid-cloud environment.

Knowledge of networking fundamentals (e.g. TCP / IP) and strong troubleshooting skills.

Knowledge of modern security principles and their practical applications.

Knowledge and experience in AWS or Azure

Knowledge and experience with programming language to automate tasks (e.g. Python or PowerShell)

Sr. CIAM Lead

Responsibilities :

Should have leadership experience to drive and manage the team.

Manage the CIAM technical roadmap by working with the engineering team and other stakeholders.

Able to conduct the Proof of Concept (POC) of product features and develop the solution as per business requirements.

Design and implement various engineering solutions by working with other stakeholders.

Leverage industry trends and market research to adopt the best practices to enhance the CIAM platform.

Experience with building and managing global infrastructure to support high availability and high performance

Define standard patterns to integrate different systems into CIAM platforms such as OIDC, SAML, OAuth, ID Gateway, SCIM, API Access, etc.

Working knowledge of user store data design with RBAC / ABAC model

A strong understanding of Authentication, MFA, Access Management, outbound provisioning and self-service capabilities using ID verification

Ability to develop different scripts and products RegEx for configuring policy to implement the right solution.

Generate different types of reports

Identify opportunities to enhance the current baseline processes and configuration

Produce engineering, integration and process related documentation.

Manage vendor relationships to drive roadmap, solution design, implementation and troubleshooting

Work with key stakeholders of the services to ensure the expectations are meeting the requirements

Knowledge of various applications and systems that include security products, middleware, Clouds (SaaS, PaaS and IaaS), Containers, etc. to come up with the right approach of CIAM integration

Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution

Ability to provide technical directions to other peer staff members, and to train new staff on the security team

Qualifications :

Should have leadership quality to drive the team.

At least 11+ years of experience in technology with emphasis on cyber security.

At least 7+ years of experience in CIAM products such as PIngIdentity, Okta, TransmitSecurity, etc.

At least 5+ years of experience in CIAM technology such as Authentication, Multi Factor Authentication, SSO, SAML, OIDC, OAuth, etc.

At least 3+ years of experience with LDAP, Active Directory and other user stores

Experience with scripting is highly preferred like Python, Ansible etc.

Experience in creating trending, metrics, and management reports

Experience working in complex and large-scale environments.

Familiar with industry security regulations and frameworks (MITRE Attack Framework, CIS, etc.)

Knowledge and experience operating in a hybrid-cloud environment.

Knowledge of modern security principles and their practical applications.

Knowledge and experience in AWS or Azure

Knowledge and experience with programming language to automate tasks (e.g. Python or PowerShell)