Want to be a part of our team?
The Information Security Engineer (ISE) is the backbone of the SOCaaS offering. The ISE is a technical and consultative role with extensive hands-on operation, management, configuration and troubleshooting of SIEM systems and the SIEM environment.
Additional aspects of the position include acting as what would traditionally be considered a Technical Account Manager with additional elements relating to service level improvement.
It is the job of the ISE to act as advocate and liaison to the clients they serve, in addition to acting as a trusted security advisor.
The ISE should be familiar with the client’s environment, needs and pain points and be diligently working towards improving the usability, functionality and relevance of their SIEM service.
This is achieved through a thorough and complete understanding of the SIEM solution which the client is leveraging (Splunk and Microsoft Sentinel).
Through this understanding, alongside the deep understanding of the client’s environment, the ISE team member will be able to provide best practice recommendations to the client.
This will include, but is not limited to, use case creation, report creation, use case tuning and updates, new log source integration, and SIEM vendor best practice implementation.
As the Senior Information Security Engineer (ISE) you will be accountable for:
Acting as a liaison to the client in day-to-day operations of their SIEM solution (Splunk and Microsoft Sentinel).
Identifying and implementing service improvements to increase the quality of the SOC as a Service offering.
Performing daily health checks on all components of the SIEM solution ensuring all components are functioning correctly and troubleshooting where necessary.
Performing system upgrades and maintenance to ensure the SIEM systems are kept current and in good working order.
Working with the SIEM vendor and other team members (internal or external) to mitigate issues, correct misconfigurations, and address bugs as required.
Performing daily threat hunting within the client environment to actively seek out and attempt to address potential security threats being posed in real time.
Working with the client (and/or Channel Partner) in the creation of new use cases and/or alarms to address the client needs, compliance best practices, and to detect zero-day threats.
Tuning use cases and/or alarms in conjunction with the client and the NTT Security Operations (SOC) Team to reduce false positive rates and increase visibility.
Creating reports and other materials as requested in relation to compliance, security, and audit support.
Supporting client needs through supplemental investigations against appropriate logs and log sources as requested or as needed.
Adding additional log sources to the SIEM solution, ensuring appropriate parsing, and validating the data being received.
Hosting and running daily, weekly, monthly and/or quarterly calls in conjunction with the client and vendors to address questions, present information, or assist.
Experience, Skills and Qualifications
As the Senior Information Security Engineer (ISE) your skills and qualifications will include:
4-year degree, or progressive technical work experience in the information security field, preferably involving SIEM technologies.
Thorough understanding of TCP/IP and Networking.
Thorough understanding and practical experience in Cloud architecture (Azure, AWS, GCP).
Experience managing perimeter security technologies, including monitoring and tuning.
Windows Servers and *NIX OS builds and configuration, including systems auditing and policy configurations.
Working knowledge of Windows Active Directory, GPO administration, security, and audit policies configuration.
Federal and Regulatory Compliance knowledge, such as PCI-DSS, NIST, SOX, HIPAA, ISO-, or others.
Customer service-oriented self-starter, who can serve as the single point of contact while resolving an issue.
Ability to work under pressure and to very short timelines.
Ability to interact in a professional manner with end users.
Outstanding communication skills; written and verbal (in English).
Excellent organizational skills.
Ability to work independently as needed yet always thinking as part of a team.
Excellent knowledge of Microsoft Office products, including Microsoft Visio.
Willingness to learn new technologies and share with other team members.
Ensure projects are completed on time and to budget, with the highest technical expertise and professionalism, while maximizing customer satisfaction.
Enjoy working in a cross-functional environment, learning from others and collectively sharing accomplishments.
What will make you a good fit for the role?
Hours: Local Business to employee with on-call rotation. (Once every 5 weeks the candidate will be on-call for 1 week.)