Priamba
Cybersecurity – Incident Monitoring & Response (Splunk)
Priamba, New York, New York, US, 10261
Position Title
Cybersecurity - Incident Monitoring & Response (Splunk)
Description
As a successful company on a path to global growth, Priamba Soft offers challenging responsibilities and exciting career opportunities to performance-driven, skilled specialists with solid professional knowledge and proven career expertise who wish to contribute to our company’s success.
Responsibilities
Specific knowledge of Asset Monitoring implementation (using SolarWinds and SPLUNK), configuration, and alert correlation rule set creation.
Ability to multitask and switch priorities, as warranted.
Proven ability to understand and analyze issues, then apply knowledge, experience, and judgment to develop sound recommendations especially as related to current threat/attack vectors, and/or vulnerability management using key tool deployments.
Strong research and writing skills.
Knows when to notify management when deadlines are at risk.
Must be able to develop assignment-associated documentation that will be consumed by users of diverse backgrounds and skills.
Ability to communicate concisely, effectively, and directly to management.
Ability to work with and across teams.
This role involves driving the creation of new SIEM (Security Information and Event Management) content, including security event correlation rules, trends, dashboards, and reports, as well as leading the maintenance and optimization of current content and event flow, as required by the agency’s Control Center CyberSecurity program.
The role also requires driving the configuration of various asset monitoring tools that will be source data feeds for SIEM ingestion.
The ideal candidate has experience in the information security and/or information technology fields.
The candidate will perform security-related functions using current tools and will need to be proficient with the various tools to ensure effective and valid results.
The candidate has an excellent technical background across a wide range of security disciplines and solutions.
The candidate must have excellent presentation, report writing, and business interface skills.
The candidate is a self-starter and willing to drive assignments.
The candidate will be able to analyze and assess security risk and facilitate the development and implementation of effective compensating controls.
This candidate will function within the Control Center CyberSecurity Team but will ideally be effective across the entire security spectrum and able to analyze complex security issues and explain them in standard business language.
Functional knowledge of both technical and business aspects of security monitoring and alerting is required.
Lead deployment and/or enhancements of new SIEM (SPLUNK) and Asset Monitoring (SolarWinds) tools and configurations.
Implement custom alerts and reports based on monitored assets, asset logs, and associated correlation profiles.
Research and provide recommendations to management on technical decisions associated with SIEM and Asset Monitoring implementation and enhancements.
Candidate will interface with various agency IT groups to develop requirements and apply best practices to optimize deployment and utilization of tools.
Candidate must have a valid driver’s license and be willing to occasionally travel within NYC and Westchester, NY, and be available to troubleshoot issues associated with deployments.
Qualifications
Bachelor’s degree in Computer Science/Engineering or equivalent work experience.
5-7+ years of information security, incident response, and/or information technologies experience.
Strong understanding of Cybersecurity, incident monitoring and response, and networking concepts.
Contacts
Tel: 732-746-0147
Email: info@priamba.com