Job Specifications
Hi,
Role: SIEM/SOAR Engineer (Security Information and Event Management or SIEM)
Location: Jersey City, NJ
Duration: 12+ Months
Looking for Independent consultant
Work location : Must work onsite for 4 days and 1 day remotely out of either Jersey City, NJ // Tampa, FL // Tempe, AZ offices
We are seeking a highly motivated SIEM and SOAR Engineer as part of the Engineering team to design and implement cutting-edge technology to improve security posture. This person will work with other engineering team members to drive the engineering standards and implementation across the global deployment.
Responsibilities:
Design and implement various engineering solutions by working with other stakeholders.
Leverage industry trends and market research to adopt the best practices to enhance the SIEM and SOAR platforms.
Experience with building and managing Security Data Lake and Data Warehouse.
Define SIEM and SOAR platform standards including data schema, modelling, normalization, monitoring and alerting.
Define standard patterns to integrate different systems into SIEM platforms
Ability to develop different scripts and products RegEx for configuring policy to detect security alerts as per threat, anomaly, etc.
Ability to conduct fraud analysis and threat detection.
Generate different types of reports using SIEM & SOAR data
Identify opportunities to enhance the current baseline processes and configuration
Produce engineering, integration and process related documentation.
Manage vendor relationships to drive roadmap, solution design, implementation and troubleshooting
Work with key stakeholders of the services to ensure the expectations are meeting the requirements
Knowledge of various applications and systems that include Servers, security platforms, middleware, Clouds (SaaS, PaaS and IaaS), Containers, etc. to come up with the right approach of SIEM integration
Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution
Ability to provide technical directions to other peer staff members, and to train new staff on the security team
Qualifications:
At least 5+ years of experience in technology with emphasis on cyber security.
At least 3+ years of experience in SIEM and SOAR products such as Splunk, Elastic, Datadog, Cribl, etc.
At least 1+ years of experience in Data Lake and data warehouse using products such as AWS S3, Snowflake, Databricks, etc.
Experience with scripting is highly preferred like Python, Ansible etc.
Experience in creating trending, metrics, and management reports
Working knowledge in RegEx, Splunk search language, etc. is required.
Knowledge and experience operating in a hybrid-cloud environment.
Knowledge of modern security principles and their practical applications.
Knowledge and experience in AWS or Azure
Knowledge and experience with programming language to automate tasks (e.g. Python or PowerShell)
Education:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications. Equivalent work experience is equally preferable.
Preferred Certifications:
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Manager (CISM)
Certified Information System Auditor (CISA)
Certified Ethical Hacker (CEH)
About the Company
Kaizen Technologies Inc., NJ is an Information Technology and Engineering Services company. Formed in 1995, Kaizen has 5 major divisions serving a broad clientele world-wide - IT Consulting, Projects, Products, Training, Engineering Design and Aerospace/Precision Manufacturing. Kaizen has won several accolades and awards, including "Deloitte Fast 500", "INC 500", "NJ 50 Best Places to Work" for 3 consecutive years and "Best Business Award 2007". For the second time running, Kaizen has been awarded the US Chamber of Commerce'...
Know more