Securonix provides the Next Generation Security and Information Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of largest organizations globally to detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioural algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors. Summary
SIEM Engineer position is an integral part of our Professional Services team. In this role, you will work with our customer(s) supporting our mission to help them quickly and completely adopt our Security Operating Platform, leaving them more secure. This is a highly technical, hands-on role that will focus on architecting, planning, implementing, and operationalizing the SIEM platform. The ideal candidate will have a demonstrated understanding of information security and networking and extensive experience interacting with customers. Securonix Next-Gen SIEM and UEBA experience, although desired, is not required, but the candidate must have SIEM and SOAR software expertise and be willing to train on the Securonix platform and products.
- Lead end to end SIEM implementation or integrations in a customer environment.
- Understand customer business requirements and the threat landscape applicable to their industry’s vertical sector to develop tailored use cases for security and Incident monitoring.
- Coordinate with customers to deploy collectors and agents in the on-premise network for data collection and forwarding.
- Work with the customers to design and implement secure data flow into Securonix cloud while following industry standard best practices.
- Coordinate with service delivery managers, management, engineering, maintenance, and operational support teams to ensure timely delivery.
- Develop content, use cases, data models, dashboards, and connectors to support custom user requirements.
- Troubleshooting end to end network and infrastructure issues during data onboarding.
- Deploy and integrate Securonix SOAR solution with the customer infrastructure for response orchestration.
- Engage with customers, internal product development teams to gather user requirements and suggest new product features and help improve existing product features.
- Training and enabling customers and partners for successful adoption
- 5+ years of experience in information security and SIEM.
- Strong understanding of SIEM solutions such as Splunk, Qradar, ArcSight, Logrhythm and Exabeam.
- Experience deploying SIEM across multiple customers.
- Good understanding of MITRE ATT&CK matrices, kill chains and other attack models.
- Strong communication skills and customer-facing experience.
- Strong knowledge of scripting languages such as Python, Powershell.
- Industry certifications such as CISSP, CISM
- BS in Computer Science, Information Systems, CyberSecurity
- 3-4+ years of experience in UEBA deployment
- Working knowledge of Machine learning in cybersecurity
- Working knowledge of cloud technologies such as Amazon, Azure and Google
- Good understanding of log collection methodologies and aggregation techniques such as Syslog-NG, rsyslog, Nxlog, Windows Event Forwarding
- Good understanding of Hadoop ecosystem and Apache technologies.
- Experience integrating endpoint security and host based intrusion detection solutions
- Experience with network forensics and toolsets such as Wireshark, PCAP, tcpdump
Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training.
Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.