Logo
National Black MBA Association

Senior Security Engineer - SIEM and UBEA

National Black MBA Association, Bethesda, Maryland, us, 20811


Job Number

24169211Job Category

Information TechnologyLocation

Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States VIEW ON MAPSchedule

Full-TimeLocated Remotely?

YRelocation?

NPosition Type

ManagementJOB SUMMARY

We are seeking a highly skilled and experienced Senior SIEM and UEBA Engineer to join our cybersecurity operations team. The ideal candidate will have extensive experience in security architecture and engineering, with a strong focus on SIEM, UEBA platforms and log management. Responsibilities include design, implementation, and maintenance of SIEM, UEBA and log management systems. This role will provide engineering support for Insider Threat and Detection Engineering analytics teams to support development of threat detections.CANDIDATE PROFILEEducation and ExperienceRequired:Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification3+ years of experience in:

Security architecture and engineering experience on SIEM, UEBA, and log collection and management platforms.Scripting language experience (*nix shell scripting, Python, PowerShell, etc.) and regular expressionsLinux and Microsoft operating systems (advanced knowledge)

5+ years of experience in some or all

of the following:

Experience working in (or with) security functions such as SOC, CIRT, security engineering, risk management, vulnerability management.Technical infrastructure operations, administration, or systems engineering

Preferred Skills/Experience:Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)

or an equivalent .Splunk Certification, including Splunk Enterprise Security Certified AdminCribl Certified Admin: StreamWorking knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022Working knowledge of the MITRE ATT&CK FrameworkExabeam UEBA platform and Advanced Analytics administrationSplunk Enterprise platform and Splunk Enterprise Security administrationHands on experience with logging implementations for services/assets in cloud service provider platforms (AWS, Azure, GCP)Familiarity with Identity and access management systems, firewalls, next-gen anti-malware, intrusion detection and prevention systems, proxies, reverse proxies, credential vaults, and database fundamentals.Knowledge of IP networkingSolid written and verbal communication skillsCore ResponsibilitiesWhat You’ll be Doing:Designing, implementing, and maintaining the SIEM, UEBA, and log management systems.Implementing and maintaining data pipelines to analytics platforms to support threat detection with SIEM, UEBA, and other log collection and management tools.Working with Insider Threat, Detection Engineering, and other security analytics teams to support the development of threat detection analytics. This includes integrations, data onboarding, data normalization, and stack tuning, for SIEM and UEBA platforms. You’ll also collaborate with other security analytics teams to support data onboarding and other data management work for analytics development in Amazon Security Lake.Collaborating with stakeholders in Global Information Security, Enterprise Architecture and other IT teams on the development of procedures, standards, integration and operability patterns for logging and monitoring.Identifying and resolving escalated engineering-level analytics platform performance and functional problems for SIEM, UEBA, and log management systems.Collaborating with other teams such as Security Architecture, Security Engineering, Policy and Compliance, network operations teams, dev ops teams to ensure the security of our infrastructure through the application of security controls for SIEM, UEBA, and log management systems.Keeping pace with the latest security trends, threats, and technologies and making recommendations for improvements to our security posture.Providing technical guidance and mentoring to junior team members.Creating reports on analytics platform operations, documenting engineering processes, creating SOPs, and presenting findings and issues remediation plans to management and other stakeholdersProvide direction and support for the development of platform metrics, dashboards, and reports for analytics platforms to support operational monitoring.Additional Responsibility:Contribute to ongoing development and maintenance of documented standards, workflows, and best practices within the Analytics Platform Engineering discipline.Research emerging threats and adversary tactics, techniques, and procedures to understand the threat landscape and the implications on our analytics platform architecture and configurations to maintain good security posture.Provide governance support for the analytics platforms such as platform management standards and change oversight.Support budgeting work with analysis of analytics platform resource and licensing utilization and forecasted needs.Occasional participation in evaluations of new platforms, technologies and methodologies pertaining to security monitoring.Attend SCRUM and prioritization meetings to review and update deliverables.Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.

Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed.

Be

where you can do your best work,

begin

your purpose,

belong

to an amazing global team, and

become

the best version of you.

#J-18808-Ljbffr