JobRialto

Lead Information Security Engineer

JobRialto, Charlotte, North Carolina, United States, 28245


Job Summary:

We are seeking an experienced Information Security Engineer with expertise in Splunk administration, security monitoring, and incident response. The ideal candidate will have 7+ years of experience in Information Security Engineering and hands-on experience with Splunk, including server administration, data onboarding, and advanced alerting. This role will involve designing, developing, and maintaining security solutions and conducting security investigations in a fast-paced environment. Strong technical skills combined with the ability to collaborate with peers and clients are essential for success.

Key Responsibilities:

Security Incident Response: Lead or participate in computer security incident response activities for moderately complex security events.

Investigation & Forensics: Conduct technical investigations of security incidents and post-incident digital forensics to identify causes and recommend mitigation strategies.

Security Consulting: Provide security consulting on medium-sized projects to ensure conformity with corporate information security policies and standards.

Solution Design & Maintenance: Design, document, test, and maintain security solutions for areas such as networking, cryptography, cloud, authentication, directory services, email, internet, applications, and endpoint security.

Security Log Management: Review and correlate security logs to identify potential threats and vulnerabilities.

Risk Management: Identify vulnerabilities, perform risk assessments, and evaluate remediation alternatives.

Security Best Practices: Implement security solutions and best practices related to availability, integrity, confidentiality, incident response, access management, and business continuity.

Data Quality: Measure and track data quality and resolve related issues.

Collaboration: Work collaboratively with peers, colleagues, and managers to resolve security issues and achieve security goals.

Required Qualifications:

Experience:

7+ years of Information Security Engineering experience, demonstrated through work experience, training, military service, or education.

4+ years of Splunk Server Administration and Data Onboarding.

4+ years of experience with the Common Information Model (CIM) and Field Normalization.

4+ years of experience developing Splunk Alerts, Reports, and advanced XML Dashboards.

4+ years of experience developing High Performance/Low Impact Splunk Searches.

Strong understanding of Splunk tags, eventtypes, and macros.

4+ years of experience measuring, tracking, and resolving Data Quality issues.

Full understanding of Splunk Architecture (enterprise clustered environments).

3+ years of experience with Linux CLI and Shell scripting.

3+ years of experience with Splunk CLI configuration and management.

3+ years of experience with Regular Expressions (RegEx).

Preferred Qualifications:

Cloud Security: Experience with Google Cloud Logging and database security event logging and monitoring.

Programming: Knowledge of Python 3 for scripting and automation tasks.

Documentation: Experience with Confluence for documentation and knowledge sharing.

Security Solutions: Hands-on experience with security solutions and technologies related to cloud security, threat detection, access management, and data protection.

Certifications (if any):

Splunk Certified Admin or Splunk Certified Power User certification.

Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH).

Google Cloud Security or related cloud certifications (e.g., GCP Professional Cloud Security Engineer).

Education:

Bachelor's Degree