InteliSecure’s Security Platform Engineer (SPE) – SIEM Specialty is a seasoned expert responsible for strengthening the security posture of client environments.

The Security Platform Engineer – SIEM Specialty manages the technical aspects of client systems and is primarily responsible for solution uptime, availability, and troubleshooting.   SIEM SPEs are also responsible for the technical development of clients’ SIEM solutions. The SIEM SPE will work with his or her team to understand a client’s security needs and develop comprehensive solutions to mitigate risk, protect their most critical assets, and work to ensure return on the client’s investment.

Ensure all tasks performed adhere to the firm’s ISO 27001 Information Security Management System (ISMS).  This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that InteliSecure is constantly improving upon the organization’s ISMS.  Each member of our team must understand the importance of the ISMS and the subsequent handling of client data.

DUTIES & ESSENTIAL JOB FUNCTIONS:

• Act as a technical Subject Matter Expert (SME) and a mentor for junior team members
  
• Lead project-level and acute tasks for our clients, such as performing mass system upgrades and mitigating emergencies
  
• Develop mature and sustainable policies, parsers, and rules for our clients’ SIEM systems
  
• Work in a lab environment to test system and use case development
  
• Maintain the lab environment to ensure consistency and stability applicable to production systems
  
• Escalate complex problems via a defined escalation path to our vendors
  
• Utilize internal ticketing system for problem tracking and project development
  
• Create and maintain documentation such as scripts, knowledge base and how-to articles, etc.
  
• Write change procedures to perform scheduled changes
  
• Assist the team in meeting all client SLAs
  
• Maintain awareness of industry trends, security news, and best practices
  
• Follow all ISO 27001 security controls, policies, and procedures
  
• Take on-call rotation after hours and on weekends     
  
• Provide flexibility with schedule to cover job requirements      

OTHER FUNCTIONS AND RESPONSIBILITIES:

• Perform other duties as assigned
  

QUALIFICATIONS:

• Bachelor’s Degree in Computer Science, Information Technology, or related discipline. Experience may be considered in lieu of a degree
  
• 2+ years’ experience with one of our support solutions: IBM Q Radar, McAfee Nitro (ESM), and LogRhythm
  
• 3+ years IT security experience
  
• Possess the creativity and diplomatic tenacity to challenge the current model to improve efficiency and efficacy
  
• Working knowledge of regular expressions
  
• Solid understanding of information, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts.
  
• Working knowledge of Windows and Unix operating systems
  
• Basic knowledge of database architecture and maintenance
  
• Passion to find innovative and creative solutions to complex problems
  
• Demonstrate strong troubleshooting skills in complex environments
  
• Ability to work effectively with team members and clients
  
• Self-motivated, with ability to manage and follow up on multiple tasks simultaneously across multiple clients
  
• Ability to communicate complex ideas and solutions to a variety of audiences including directors and executives
  
• Strong time-management skills
  

HIGHLY PREFERRED:

• Security certifications: CISSP, CEH, CISM, Security+, GCIA (GIAC Certified Intrusion Analyst), GCED (GIAC Certified Enterprise Defender), GCIH (GIAC Certified Incident Handler)
  
• Working knowledge in the following technologies:
  
• Directory services such as Microsoft Active Directory, Novell eDirectory, etc
• Domain Name Services (DNS)
• File transfer applications and technologies
• SQL Database query languages, stored procedures, maintenance, and development
• Virus detection, malware detection, intrusion detection, and prevention systems
• File Integrity Monitorin
• Experience in a managed security service provider environment
• Experience in log aggregation and analytics
• Experience in network and/or firewall engineering
• Experience in systems administration
• Experience in scripting languages such as python, shell scripting, PowerShell