- Align with client needs and operational performance to identify opportunities for improvement/enhancement of their security operations center and infrastructure.
- Partner with the client to evaluate existing log & data domains, SIEM processes and tools and effectiveness measures to identify critical elements, weaknesses, and opportunities for improvement.
- Work independently and in concert with others to architect solutions that have a measurable impact on security value, service management and client satisfaction.
- Creation of architecture diagrams, workflow models and proposals/presentations to key stakeholders who have a wide range of business, security, and IT experience.
- Deliver high-level plans for architecting recommended solutions for hybrid environment.
- Coordination with the key stakeholders to gather requirements and design the solutions to support those requirements.
- Proficient at developing and creating reference architectures and models with proper documentation.
- Architect solutions to drive scalability, efficiency, and automation, which may include changes to people, process and technology.
- Provide consulting services via interactive client sessions to assist with implementation, support, and usage of multiple product vendors and technologies.
- Perform other duties as assigned.
- Master's degree, or demonstrated experience and delivery in information security, data management or computer science.
- 7-10+ years of applied technology experience in defining strategy around security monitoring, incident management, regulatory compliance and process improvement.
- Demonstrated expert-level experience with QRadar, Splunk, Sentinel and Hadoop, including log consolidation, correlation, content creation, workflow management and process improvement.
- 5+ years hands-on experience creating rules, alerts, content and reports within a complex SIEM environment.
- Familiarity with Cyber Kill Chain methodologies
- Excellent Unix / Linux skills required
- Familiarity with Windows WEF Framework
- Understanding of Network Firewalls, Load Balancers and Complex System Designs
- Expert troubleshooting and break fix experience with SIEM environments required
- Excellent written and verbal communication skills
- Active professional security certifications (i.e. CISSP), open source project, security research or design/framework contributions or other current initiatives around information management, data and content modeling and large data analytics.
- Expertise in FLEXConnector framework development and strong Regex skills required
- Good command of Python, Perl, SQL, Regex and Shell Scripting is preferred
- Experience installing and maintaining open-source log capture technologies such as Syslog-NG, Snare, LogStash, MSCOM, etc. is preferred
- 3-5 years' experience working with Incident Response handling or inside a Security Operations Center.
- Ability to rapidly understand client's business strategies and possess the capability to apply creative problem-solving skills to deliver high impact solutions to meet their business needs.
SIEM (security information and event management) Architect - Morrisville, United States - Tekfortune Inc
Description
Tekfortune is a fast-growing consulting firm specialized in permanent, contract & project-based staffing services for the world's leading organizations in a broad range of industries.
To support the active project demands and skills gaps, our staffing experts can help you find the best job for you.
Role:
Location:
Duration:
Required Skills:
Job Description:
Job Description for SIEM Architect
The SIEM Architect is a client-facing role, responsible for architecting SIEM solutions to improve the security value, service management, and scalability for our clients.
This individual will work under the supervision of Master SIEM Architects and Management while partnering with the client to deliver robust SIEM designs and implementations.
This function will work closely with the client to understand the current and target state of the SIEM and ensure that effective and efficient incident identification, resolution and root-cause analysis are leveraged through productive implementation of the platform.
This candidate must be able to effectively collaborate with the client's Information Security and IT/IS teams to deliver optimal results for the client.
In addition, the SIEM Architect must be able to clearly and successfully communicate with a demonstrated understanding of business and technical requirements of the client.
Job Responsibilities