As a Cybersecurity SIEM Engineer, you will lead the design and implementation of security incident and event management solutions for our clients. You’ll play a key role in supporting our clients with their most complex information security needs, contributing toward their business resilience, and protecting critical infrastructure.
Requirements
- Possess a proven understanding of SIEM technologies, e.g. Splunk, Azure Sentinel, McAfee, QRadar, LogRhythm, SolarWinds, ArcSight, Fortinet, Elastic, SumoLogic, Rapid7
- Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts.
- Monitoring and managing the health and performance of the SIEM platform
- Onboarding log sources and data sources, developing new and custom parsers, and designing SIEM architecture reviews
- Creating use cases and correlation alerts in the SIEM for continuous security monitoring
- Security Operations experience with operating systems or cloud infrastructures and services (Azure/AWS)
- Participating in client meetings to further optimize their specific operational plan based on our best practices and operational learnings
- Conveying complex technical security concepts to technical and non-technical audiences including executives.
- A bachelor's degree in a related field and approximately 3-5 years of related work experience; or a graduate degree and approximately 2 years of related work experience
- Hands-on experience with common security monitoring technologies including Security Incident Event Management systems (SIEM), Intrusion Detection Systems (IDS), Endpoint Detection & Response (EDR), and Anti-Virus log collection systems for the purpose of comprehensive log analysis
- Experience supporting, troubleshooting, and administering a variety of networks, operating systems (OSs), and applications
- Experience with one or more of the following Cybersecurity tools: Splunk ES, Azure Sentinel, FireEye, Tanium, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Prisma Cloud, Humio, or ServiceNow SecOps
- Experience in process reengineering, workflow design, process improvement, or process mapping.
- Ability to travel as needed for client-site visits, team on-sites and strategic planning sessions; a driver’s license valid in the U.S.
Benefits
- Competitive salary
- Medical and dental coverage
- Pension and 401(k) plans
- Flexible vacation policy
- Time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence