Security Engineer Job at TEKsystems in Tempe
TEKsystems, Tempe, AZ, US
Job Description
Job Title
- Cybersecurity engineer
Top Skills' Details
1. 2+ years of experience with SIEM (deployment, configuration, query languages)
2. Experience with Linux virtual machines and Windows administration
3. 2+ years of experience with Python scripting and exposure to Azure Logic Apps (nice to have)
Secondary Skills - Nice to Haves
Job Description
Since this role will be working mainly on the tool (SIEM) and not doing daily security analyst work, the candidate should be comfortable and experienced working out of the tool on a daily basis.
ESSENTIAL FUNCTIONS OF THE JOB
We are looking to hire a Cyber Security Engineer with an analytical mind and a detailed understanding of cyber security methodologies. Cyber Security Engineers are expected to have meticulous attention to detail and outstanding problem-solving skills, to work comfortably under pressure and to deliver on tight deadlines.
To ensure success, a Cyber Security Engineer must display an excellent understanding of SIEM administration and be familiar with standard networking technologies such as firewalls, servers and IDS/IPS, to name a few. Top candidates will be comfortable working with a variety of technologies and security problems, and with troubleshooting the tools.
What this role is not: It is not a role that performs SOC Analyst duties of threat detection and response.
What this role is: This role is primarily focused on the proper operation and ongoing innovation of the SOC platform and tools.
CYBER SECURITY ENGINEER RESPONSIBILITIES
Planning, implementing, managing, monitoring and upgrading security measures for the protection of the organization's data, systems and networks.
Taking the lead on onboarding new Managed Security Services clients and deploying our standard SIEM package as well as other security solutions such as Vulnerability Management.
Responsible for the proper operation of the SIEM tool(s) used, which includes trend analysis of logs, data source log collection health, proper triggering of rules, etc.
Responsible for content creation within the SIEM, in the form of correlation rules, automation rules (SOAR), dashboards, etc.
Assisting the SOC Analyst team on a daily basis with Indicator of Compromise detection and identification of new use cases.
Testing and identifying network and system vulnerabilities.
Daily administrative tasks, reporting and communication with the relevant departments in the organization.
Providing recommendations to leadership and challenging the status quo.
Additional Skills & Qualifications
A degree in Computer Science, Cybersecurity, Systems Engineering or related experience.
Minimum 2 years of work experience with incident detection and incident response.
Minimum 2 years of SIEM administration and content creation within SIEM (correlation rules, queries, etc.).
Experience with Windows AND Linux administration.
Experience with the functionality of firewalls, operating systems security, cloud security, etc.
Experience with Azure Sentinel a BIG plus.
Experience with Azure Logic Apps a BIG plus.
Proficiency in Python or PowerShell a BIG plus.
Proficiency in Big Data a BIG plus.
Ability to work under pressure in a fast-paced environment.
Strong attention to detail with an analytical mind and outstanding problem-solving skills.
Great awareness of cybersecurity trends and hacking techniques.
Must be comfortable learning new technologies, tools, and processes.