Apex Systems
Cloud SIEM Engineer
Apex Systems, Denver, Colorado, United States, 80285
Job#: 2055398
Job Description:
Apex Systems, a World-Class Technology Solutions Provider, is seeking applicants for the below position on behalf of our client. Please apply if interested and qualified. Please note that only qualified candidates will be contacted.
Position:
Cloud SIEM Engineer Locations:
Washington DC, Denver CO, Chicago IL - 3 days onsite/2 days remote Duration:
12+ months contract Pay Rate Range:
$75+/hr W2 **ALL APPLICANTS MUST BE ABLE TO WORK DIRECTLY ON APEXS W2 WITHOUT SPONSORSHIP NEEDED NOW OR IN THE FUTURE** Key Responsibilities: Leadership and Development:
As an Individual Contributor with significant Cloud (AWS or Azure) and Security Information and Event Management (SIEM) domain experience, collaborate and influence a team of talented developers in a collaborative and high-performing work environment. Set and achieve clear objectives, provide clarity and regular feedback, and enhance the team's capabilities. AWS Detection Engineering:
Understand and help drive Detection Engineering efforts in SIEM or SOAR as appropriate within AWS environments, using technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS SecurityHub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the client's platform and workloads. SIEM and SOAR Software Solution Architecture and Design:
Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals. Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases. Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs. Development and Implementation:
Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities to detect advanced threats. Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities. Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle. Security Incident Management:
Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation. Conduct thorough analysis of security incidents, ensuring root cause analysis, and implement corrective actions to prevent future occurrences. Collaborate with the Incident Response team to enhance incident handling and escalation procedures. Performance Optimization and Scalability:
Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement. Evaluate and implement appropriate infrastructure upgrades to support increasing data volumes and maintain optimal system performance. Conduct load testing and performance tuning exercises to ensure the SIEM and SOAR platforms can handle ever-expanding peak operational loads. Compliance and Policy:
Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation. Collaborate with the Compliance team to fulfill audit requests and participate in security assessments and penetration testing exercises. Research and Innovation:
Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations. Evaluate new SIEM and SOAR tools, Detection Engineering technologies, and techniques to improve the organization's security posture and stay ahead of potential threats. Stay informed about Cloud detection and response security controls. Required: 3+ years of proven experience in SIEM and security operations (e.g., Splunk ES, Anvilogic, Palo Alto Cortex, Crowdstrike, MS Sentinel, Google Chronicle). 3+ years of experience with Splunk, certifications preferred. 3+ Year experience with the detection and response-based security controls in at least one Public Cloud environment (e.g., AWS, GCP, Azure). 2+ years of experience with WIZ. Understanding of Threat Modeling and Detection Engineering best practices. Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms. *Please note that as a contract employee of Apex Systems, benefits include the below with employee contribution: Health Dental Vision Life Insurance; Short Term Disability Hospitalization Coverage Direct Deposit Weekly Pay Periods Training and Development Programs 401k Referral Program EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.
#J-18808-Ljbffr
Cloud SIEM Engineer Locations:
Washington DC, Denver CO, Chicago IL - 3 days onsite/2 days remote Duration:
12+ months contract Pay Rate Range:
$75+/hr W2 **ALL APPLICANTS MUST BE ABLE TO WORK DIRECTLY ON APEXS W2 WITHOUT SPONSORSHIP NEEDED NOW OR IN THE FUTURE** Key Responsibilities: Leadership and Development:
As an Individual Contributor with significant Cloud (AWS or Azure) and Security Information and Event Management (SIEM) domain experience, collaborate and influence a team of talented developers in a collaborative and high-performing work environment. Set and achieve clear objectives, provide clarity and regular feedback, and enhance the team's capabilities. AWS Detection Engineering:
Understand and help drive Detection Engineering efforts in SIEM or SOAR as appropriate within AWS environments, using technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS SecurityHub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the client's platform and workloads. SIEM and SOAR Software Solution Architecture and Design:
Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals. Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases. Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs. Development and Implementation:
Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities to detect advanced threats. Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities. Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle. Security Incident Management:
Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation. Conduct thorough analysis of security incidents, ensuring root cause analysis, and implement corrective actions to prevent future occurrences. Collaborate with the Incident Response team to enhance incident handling and escalation procedures. Performance Optimization and Scalability:
Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement. Evaluate and implement appropriate infrastructure upgrades to support increasing data volumes and maintain optimal system performance. Conduct load testing and performance tuning exercises to ensure the SIEM and SOAR platforms can handle ever-expanding peak operational loads. Compliance and Policy:
Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation. Collaborate with the Compliance team to fulfill audit requests and participate in security assessments and penetration testing exercises. Research and Innovation:
Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations. Evaluate new SIEM and SOAR tools, Detection Engineering technologies, and techniques to improve the organization's security posture and stay ahead of potential threats. Stay informed about Cloud detection and response security controls. Required: 3+ years of proven experience in SIEM and security operations (e.g., Splunk ES, Anvilogic, Palo Alto Cortex, Crowdstrike, MS Sentinel, Google Chronicle). 3+ years of experience with Splunk, certifications preferred. 3+ Year experience with the detection and response-based security controls in at least one Public Cloud environment (e.g., AWS, GCP, Azure). 2+ years of experience with WIZ. Understanding of Threat Modeling and Detection Engineering best practices. Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms. *Please note that as a contract employee of Apex Systems, benefits include the below with employee contribution: Health Dental Vision Life Insurance; Short Term Disability Hospitalization Coverage Direct Deposit Weekly Pay Periods Training and Development Programs 401k Referral Program EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.
#J-18808-Ljbffr