- Provide 3rd level technical support for all assigned security platforms
- Assist with management of SIEM solution using Microsoft Sentinel and QRadar to collect, correlate, and analyze security events and alerts.
- Key resource for SIEM log ingestion, creating and tuning SIEM rules, queries, and reports.
- Provide subject matter expertise and help maintain all assigned security platforms
- Assist in the creation of and monitoring of dashboards and logs for abnormal behaviors/intrusions
- Utilize Tanium telemetry to promote automation efforts across the various functions within the Digital Technology organization.
- Lead efforts in creating and monitoring Tanium dashboards to drive environmental improvements.
- Perform and oversee daily administration tasks such as maintaining a version status for all deployed products and policies, including the staging and execution of minor platform upgrades.
- Recommend best practices and look for opportunities to improve processes while balancing operational and business risks
- Ability to manage all aspects of SIEM solution. Experience in Sentinel is required, and QRoC is a plus.
- Experience or knowledge of Tanium is preferred
- Knowledge of client and server operating systems (e.g., Windows, Mac, Linux)
- Knowledge or experience with PKI management (i.e., Cloud or On-prem) a plus
- Strong emphasis on Microsoft security suite preferred
- Subject matter expertise working with Antivirus Software, Host-based firewall, Full Disk Encryption, Application Whitelisting, File Integrity Monitoring a plus
- Knowledge of Email Security protocols including SMTP, SPF, DKIM, and DMARC a plus
- Working knowledge of SASE solutions and/or Zscaler a plus
- Knowledge of Enterprise Management Solutions such as Tanium a plus
- Participate in rotating on-call schedule for after-hours support as needed
- An Associates or Bachelor's degree in Computer Science, Information Systems, or other related fields or commensurate hands-on experience
- Cybersecurity or IT-related certifications (Security+, GSEC, CISSP, equivalent) are a plus
Tanium Security Platform Administrator - Atlanta, United States - TEKsystems
Description
:
Our client continues to grow their security organization with a current focus on insourcing security tool engineering & administration competencies.
If this person has experience with some combination of Qradar/Qroc, MS Defender, 0365ATP or McAfee EPO those are helpful skills, but not required for the role.
They also utilize IBM Resilient as the SOAR platform.This role will help drive the maintenance/administration of Tanium and contribute to automation as well.
The Security Operations team is looking for a Security Platform Administrator who will play a vital role in keeping the Global Enterprise safe from cyber-attacks.
As the Security Platform Administrator, you will be part of a bigger machine working to protect the company from any malicious activity.
This role requires you to work with others to strategize threat prevention, coordinate remediation, and contribute to process improvement.How You Will Make a Difference:
:
3+ years
Educational/ Position Requirements:
Position Requirements:
Tanium, SIEM, Information security, Ms Sentinel
Top Skills Details:
Tanium,SIEM,Information security,Ms Sentinel
Additional Skills & Qualifications:
Educational Requirements:
Expert Level
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity.
We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia.
As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change.
That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.