Join our Talent Network
Skip to main content

Content Developer

Location: , India
Date Posted: Nov 24, 2021

Job Description

Description

Securonix is looking for a SIEM Content Development lead with 10+ years of experience in SIEM content development to join the Content, Threat and Analytics (CTA) team. This role will serve as a leading engineering resource responsible for the innovation, development, and maintenance of SIEM & UEBA content. Specific focus will be directed to understanding various vendor feeds and developing the capability of our analytics tools to detect anomalous, suspicious, or malicious behaviors. An ideal candidate will have extensive information security experience - particularly in incident response and be able to apply that knowledge to drive future content to reduce risk. The candidate will work closely with the various internal teams, including but not limited to: Threat research engineers, Threat hunters, SIEM administrators and business unit customers.


Responsibilities

  • Experience working or functional understanding with UEBA and SIEM
  • In depth knowledge of security data logs and use cases for Account Misuse, Data Exfiltration, Insider Threat
  • Functional understanding of how hadoop works
  • Implement UEBA and SIEM use cases and detect advanced threats with different data sets like Proxy, VPN, Firewall, DLP. 

 

Qualifications

  • Atleast 5+ years experience working in the field of Content development and worked for delivering and/or building content on Splunk, Alienvautl, Arcsight, QRadar, Nitro ESM
  • Solid networking fundamentals
  • Solid experience with Linux/Unix operating environments (configuration and troubleshooting)
  • Experience with information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, and cloud security tools
  • Experience with APT kill chain frameworks like MITRE, Lockheed Martin etc.
  • Experience working with regular expressions and understanding of YARA rules
  • Strong programming background with advanced skills in Java, MySQL, Hadoop is preferred.
  • IT security, risk, compliance, and privacy concepts and principles to support enterprise business goals and objectives; 
  • Strong understanding on CASB and cloud security vendors like AWS, GCP, Azure etc.
  • Hands-on deployment of Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) solutions
  • Information security dashboards and report configuration based on IT standards and norms including, PCI-DSS, ISO27001, GLBA, SAS 70, ITIL, COBIT, FISMA, HIPAA, and NIST Special Publication 800 series; 
  • Experience in Cyber Security technologies and concepts such as insider threat, malware, lateral movement, beaconing, ransomware, data theft, fraud 
  • Troubleshooting on software component stack – java errors, SQL connections, Hadoop platform issue
Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.
Save Job Saved
Share: mail

Similar Jobs