Skills

Communication Python PowerShell Incident Response Splunk GitLab Monitoring Ansible VMware Networking Attention to detail Training Linux Windows Organization Software Development Recruitment Network Administration

Job Specifications

Join Mizuho as a Cyber Security Engineer SIEM/SOAR!

In this role you will be responsible for supporting Mizuhos needs to support Cyber Security Monitoring and Incident Response automation. You will be expected to support these platforms via projects and various BAU activities. You should be experienced in developing actionable cyber security rules and effective automations. You must have experience and understanding of the data provided by security tools and other platforms to effectively manage cyber security functions. You must show aptitude in handling custom data sources and writing and adjusting log parsers. You should will be expected to gather requirements of detections and playbooks, outline the required steps to take, and deliver a complete solution with proper documentation. Additionally, there is an expectation to ensure compliance with regulatory requirements as Mizuho operates in a highly regulated industry.

Major Responsibilities

Support SIEM, SOAR
Run and support projects related to improving the functionality of SIEM and SOAR platforms
Support log life cycle management
Maintain performance and support uptime of SIEM and SOAR platforms.
Support platform integrations and data source onboarding
Troubleshooting of reported issues with tools/platforms.
Work within tools to support monitoring use cases
Interface with vendors for support and information on products

Required Qualifications

Strong hands-on technical experience with SIEM (Splunk) and SOAR (XSOAR) tools mentioned in the job description.
Experience with integrating various tools/data sources with SIEM/SOAR tools
Experience developing custom integrations for unsupported data sources/tools
Experience performing upgrades and deployment of SIEM/SOAR tools/components/apps/integrations
Understanding of the Incident Response Lifecycle
Experience developing detection engineering pipelines
Experience developing SOAR playbooks from start to finish
Experience collecting requirements from security analysts/IR teams
Experience working supporting Servers/Appliances through VMware
Understanding of DNS and IP networking
Strong troubleshooting/root cause analysis skills
Self-driven ability to take requirements/tasks and complete independently
Strong communication skills to report on risks to the organization and project commitments/deliverables
Understanding of the Incident Response life cycle is required as engineering may serve as an escalation point for Security Operations.
Working knowledge of Linux (RHEL) and Windows OSes required.
Ability to script/code to aid automation required preferably Python or PowerShell.
High attention to detail.
Educational background with BS/MS in Computer Science, Computer Engineering, Information Technology, Cyber Security, or similar
7+ years of experience in a similar or related position.

Additional Qualifications

Experience with the following tools are a plus:CrowdStrike EPPOther SIEMs/SOARsNetskope or other SASENext Gen FirewallsTenableExtraHop/Reveal(x)Cisco UmbrellaDUOLastPassJIRA, Gitlab, Ansible
Experience working with the Financial Services Industry
Previous experience in system/network administration, software development or desktop engineering a plus

Hybrid position in NYC/NJ. May be required to be on-call with a rotating schedule.

The expected base salary ranges from $111k,000 - $140,000. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, including Medical, Dental and 401K plans, successful candidates are also eligible to receive a discretionary bonus.

Other Requirements

Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in-office requirements that will be communicated to you as part of the recruitment process.

About the Company

Executiveplacements.com is a platform for executives to upload their CV, search for jobs, and network. With a focus on executives earning over R600K pa, Executive Placements is the only executive job portal in South Africa. Over 200,000 Executive have now registered on this portal. Jobplacements.com is a general job board, focusing on candidates earning below this amount. Over 2,800,000 candidates have registered on this portal. Between the two portals recruiters can reach out to over 3m candidates of which 8% are earning ov... Know more