An Insight Global client's Security Operations team is looking for a Security Platform Administrator who will play a vital role in keeping our client safe from cyber-attacks. As the SIEM Engineer, you will be part of a bigger machine working to protect the company from any malicious activity. This role requires you to work with others to strategize threat prevention, coordinate remediations, and contribute to process improvement.
How You Will Make a Difference:
· Provide 3rd level technical support for all assigned security platforms
· Assist with management of SIEM solution using Microsoft Sentinel and QRadar to collect, correlate, and analyze security events and alerts.
· Key resource for SIEM log ingestion, creating and tuning SIEM rules, queries, and reports.
· Provide subject matter expertise and help maintain all assigned security platforms
· Assist in the creation of and monitoring of dashboards and logs for abnormal behaviors/intrusions
· Utilize Tanium telemetry to promote automation efforts across the various functions within the Digital Technology organization.
· Lead efforts in creating and monitoring Tanium dashboards to drive environmental improvements.
· Perform and oversee daily administration tasks such as maintaining a version status for all deployed products and policies, including the staging and execution of minor platform upgrades.
Recommend best practices and look for opportunities to improve processes while balancing operational and business risks
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
- An Associates or Bachelor's degree in Computer Science, Information Systems, or other related fields or commensurate hands-on experience
- Ability to manage all aspects of SIEM solution.
- Hands on experience building, implementing and migrating SIEM platform.
- Experience in Microsoft Sentinel
- Knowledge of client and server operating systems (e.g., Windows, Mac, Linux)
- Strong emphasis on Microsoft security suite preferred
· Subject matter expertise working with Antivirus Software, Host-based firewall, Full Disk Encryption, Application Whitelisting, File Integrity Monitoring a plus
· Knowledge of Email Security protocols including SMTP, SPF, DKIM, and DMARC a plus
· Working knowledge of SASE solutions and/or Zscaler a plus
Knowledge of Enterprise Management Solutions such as Tanium a plus
- Knowledge or experience with PKI management (i.e., Cloud or On-prem) a plus
- Experience or knowledge of Tanium is preferred
- QRoC is a plus
- Cybersecurity or IT-related certifications (Security+, GSEC, CISSP, equivalent) are a plus
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.