Security Information and Event Management (SIEM) Integration Engineer

vTech can help you avoid the daunting task of writing and posting job offers, shifting through resumes and laboring through the lengthy interview process. Our Staffing solutions will allow you to elude those tasks and place topnotch, high-caliber professionals in the position you need to fill.

We use our expertise, knowledge, and global resources to deliver top-quality candidates and tailor our IT and Non-IT recruitment services to your needs. This allows us to deliver the required results in a timely manner that meets your schedule at a substantially reduced cost.

We pride ourselves for having one of the fastest growth rate and also the lowest turnover rates in the industry just 2.5 percent annually. We focus on the training and retaining qualified professionals with high personal and work ethics. With the help of our extensive database of internal candidates and CATS applicants tracking system, we can provide quality resources within the limited time frame.

We have also successfully placed hundreds of candidates in the areas related to Information Technology, Engineering, professional, Scientific & Clinical, etc. for both our commercial and government clients.

• Source: A recruiter sources candidates from various sources; the search starts from our proprietary database. Using advanced sourcing methods like social media, professional networking media, internal, and 3rd party job boards, we identify qualified candidates.
• Validate: A recruiter validates the candidates’ experience and skill sets against our client’s position.
• Initial Screening: Based on the position and the client’s work culture, the recruiter uses initial screening questions to determine the most suitable candidates.
• Submit: the recruiter will submit to the technical team qualified candidates who have passed the initial screening.
• Technical Screening: The technical team then prepares a matrix of the particular requirements and required experience for the position and using a list of questions and the results, re-validates the candidates’ technical skills.
• Background Check: Administrative personnel will provide a detailed background check, as required, per client agreement.
• On board: On successfully completing the above steps, the candidates are welcomed on board and assisted to ensure a smooth integration at the client’s location.

Description:

Security Information and Event Management (SIEM) Integration Engineer will focus on implementation of the McAfee SIEM and associated appliances (Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), Advanced Correlation Engine (ACE)).

The Security Information and Event Management (SIEM) Integration Engineer will possess deep technical knowledge on a number of security technologies; the main area of focus will be the District implementation of the McAfee SIEM and associated appliances (to include Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), Advanced Correlation Engine (ACE)). The ideal candidate will have a demonstrated understanding of information security and networking and extensive experience interacting with customer.

Specific Tasks

• Act as the lead for Operations and Maintenance and Configuration Management for all Security Operations Center (SOC) and Security Information and Event Management (SIEM) tools.

• Analysis, design, configuration, implementation, documentation and operation of MacAfee SIEM and associated appliances (to include Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), Advanced Correlation Engine (ACE)).

• Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products and technical quality assurance.

• Lead technical troubleshooting efforts for complex network environments to identify and eliminate network or security configuration issues for SIEM data collection.

• Manage system deployments, upgrades, ongoing maintenance and operations.

• Configuration and operation of security device authentication, management & logging platforms.

• Provide Tier3 support to SOC Analyst personnel utilizing the SIEM to respond to security incidents and events.

• Identify, troubleshoot, and resolve complex network connectivity issues as well as advise on network security related issues.

• Understanding of network and endpoint security tools and how they integrate into the SIEM and provide a cohesive view of network incidents and security.

• Configure backups, verify custom reports, manage log source groups and validate log sources.

• Provide occasional off-hours support for planned maintenance work and unplanned support issues. May occasionally require on-site work at a data center during off-hours.

Required Qualification and skills

• Bachelor of Science in Electrical Engineering, Computer Science, Information Technology, or equivalent data security and networking experience required

• CISSP, CISM, or relevant IPS Vendor training/certification preferred

• Professional certifications related to core expertise (McAfee preferred)

• Minimum 5 years McAfee ESM administration experience required

• Minimum 5 years’ experience as a SOC Analyst Level 2 or SOC Team Lead

• Minimum 3 years’ experience scripting in regular expression for SIEM signatures

• Server Administration background – Windows and/or Linux/Unix

Responsibilities:

1. Coordinates IT project management, engineering, maintenance, QA, and risk management.

2. Plans, coordinates, and monitors project activities.

3. Develops technical applications to support users.

4. Develops, implements, maintains and enforces documented standards and procedures for the design, development, installation, modification, and documentation of assigned systems.

5. Provides training for system products and procedures.

6. Performs application upgrades.

7. Performs, monitoring, maintenance, or reporting on real- time databases, real-time network and serial data communications, and real-time graphics and logic applications.

8. Troubleshoots problems.

9. Ensures project life-cycle is in compliance with District standards and procedures.

Skills Required:

• Bachelor of Science in Electrical Engineering, Computer Science, Information Technology, or equivalent data security and networking experience

• ISC^2 Related Certification (CISSP, CISM) OR relevant Intrusion Prevention System Vendor training/certification (McAfee)

• McAfee ESM administration

• Experience as a SOC Analyst Level 2 or SOC Team Lead

• Experience scripting in regular expression for SIEM signatures

• Server Administration background – Windows and/or Linux/Unix

• Experience in network/system level administration and or cybersecurity

• 16+ yrs planning, coordinating, and monitoring project activities

• 16+ yrs leading projects, ensuring they are in compliance with established standards/procedures

All your information will be kept confidential according to EEO guidelines.