Securonix provides the Next Generation Security and Information Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of largest organizations globally to detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.
Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.
Securonix is looking to hire a SIEM content developer to develop parsers, build data dictionaries and event categorization.
Build content - parsers, data dictionary, event categorization, use cases for technologies like Firewall, Web Proxy, Operating Systems, VPN, Cloud Security, DLP, Email
Implement SIEM use cases and detect advanced threats with different data sets like Proxy, VPN, Firewall, DLP
1-3 years experience working in the field of content development and worked for delivering and/or building content (parsers, event categorization, Use cases ) on Splunk, AlienVault, Arcsight, QRadar, Nitro ESM
Experience working or functional understanding with SIEM
Solid networking fundamentals
Experience with database technologies like SQL, MySQL, Oracle etc.
Experience with Linux/Unix operating environments (configuration and troubleshooting), hadoop components is a plus
Experience with information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, and cloud security tools
Experience with APT kill chain frameworks like MITRE, NIST etc. is a plus
Experience working with regular expressions
In depth knowledge of security data logs and use cases such as Account Misuse, Data Exfiltration, Insider Threat, etc.
IT security, risk, compliance, and privacy concepts and principles to support enterprise business goals and objectives
Understanding of CASB and cloud security vendors like AWS, GCP, Azure etc.
Hands-on deployment of Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) solutions
Information security dashboards and report configuration based on IT standards and norms including, PCI-DSS, ISO27001, GLBA, SAS 70, ITIL, COBIT, FISMA, HIPAA, and NIST Special Publication 800 series;
Experience in Cyber Security technologies and concepts such as insider threat, malware, lateral movement, beaconing, ransomware, data theft, fraud