Insight Global

Insight Global is hiring: Remote SIEM Engineer in Middletown

Insight Global, Middletown, PA, United States


A global electrical design and manufacturing company is seeking two highly skilled SIEM Engineers to join their enterprise security team! The SIEM/SOAR Engineer is an expert in deploying, configuring, and managing a Security Information and Event Management (SIEM) tool. They are responsible for creating alarms and dashboards related to relevant security data, threats, and events. In addition, they can automate responses to alarms and enrich data from outside sources. They are competent to work in all aspects of managing security controls and products.

Key Responsibilities:

- Design, develop, and implement security information and event management (SIEM) rules and detections within the Devo SIEM platform.

- Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.

- Utilize Regex for efficient log parsing and extraction of relevant security events.

- Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.

- Develop and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate incident response tasks.

- Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.

- Collaborate with the security operations center (SOC) team to ensure effective incident response and threat hunting.

- Stay current with emerging threats and security best practices, recommending improvements to the SIEM configuration.

- Document SIEM configurations, detection rules, and incident response procedures.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

- Experience with Devo

- Experience supporting an enterprise environment

- Experience with EDR technologies (CrowdStrike)

- 3+ years in Information Security SIEM administration, parser development, cybersecurity content development, creating queries, alerting, and log analysis

- 3+ years' experience in scripting/process automation

- Experience with security configuration of operating systems and network devices

- Demonstrated experience in understanding networking technologies and protocols

- Demonstrated systems administration experience with Windows and Linux/UNIX-based operating systems

- Ability to participate in an on-call schedule for high-priority issues

- Experience supporting a SOC environment

- Expertise in evaluating areas of improvement, new technologies, and creating new technical strategy