Technology Consulting - Cybersecurity - SIEM/SOAR Engineer - Senior Consultant

As a Cybersecurity SIEM Engineer, you will lead the design and implementation of security incident and event management solutions for our clients. You’ll play a key role in supporting our clients with their most complex information security needs, contributing toward their business resilience, and protecting critical infrastructure.

Requirements

• Possess a proven understanding of SIEM technologies, e.g. Splunk, Azure Sentinel, McAfee, QRadar, LogRhythm, SolarWinds, ArcSight, Fortinet, Elastic, SumoLogic, Rapid7
• Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts.
• Monitoring and managing the health and performance of SIEM platform
• Onboarding log sources and data sources, developing new and custom parses, and designing SIEM architecture reviews
• Creating use cases and correlations alerts in the SIEM for continuous security monitoring
• Security Operations experience with operating systems, or cloud infrastructures and services (Azure/AWS)
• Participating in client meetings to further optimize their specific operational plan based on our best practices and operational learnings
• Conveying complex technical security concepts to technical and non-technical audiences including executives.
• A bachelor's degree in a related field and approximately 3-5 years of related work experience; or a graduate degree and approximately 2 years of related work experience
• Hands-on experience with common security monitoring technologies including Security Incident Event Management systems (SIEM), Intrusion Detection Systems (IDS), Endpoint Detection & Responses (EDR), Anti-Virus log collection systems for purpose of comprehensive log analysis
• Experience supporting, troubleshooting, and administering a variety of networks, operating systems (OSs), and applications
• Experience with one or more of the following Cybersecurity tools: Splunk ES, Azure Sentinel, FireEye, Tanium, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Prisma Cloud, Humio, or ServiceNow SecOps
• Experience in process reengineering, workflow design, process improvement, or process mapping.
• Ability to travel as needed for client-site visits, team on-sites and strategic planning sessions; a driver’s license valid in the U.S

Benefits

• Competitive salary
• Medical and dental coverage
• Pension and 401(k) plans
• Flexible vacation policy
• Time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence