Job ID :
10325
Company :
DC Government
Location :
WASHINGTON, DC
Type :
Contract
Duration :
9/04/18 +possible extensions
Salary :
open
Status :
Active
Openings :
1
Posted :
11 Aug 2017
Job Seekers, Please send resumes to resumes@hireitpeople.com
Required Skills - SIEM Integration Engineer, McAfee SIEM (Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), Advanced Correlation Engine (ACE)), Tier 3 support.

Years of experience: 16+ years’ experience.

Interviews: Both WebCam and in-person.


Job Description:

The Security Information and Event Management (SIEM) Integration Engineer will focus on implementation of the McAfee SIEM and its associated appliances (Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), Advanced Correlation Engine (ACE)).

The SIEM Integration Engineer will possess deep technical knowledge of a number of security technologies; the main area of focus will be the District's implementation of the McAfee SIEM and associated appliances (ESM, ELM and ACE). The ideal candidate will have a demonstrated understanding of information security and networking and extensive experience interacting with customers.


Specific Tasks

• Act as the lead for Operations and Maintenance and Configuration Management for all Security Operations Center (SOC) and SIEM tools.

• Analysis, design, configuration, implementation, documentation and operation of the McAfee SIEM and associated appliances (ESM, ELM and ACE).

• Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance.

• Lead technical troubleshooting efforts in complex network environments to identify and eliminate network or security configuration issues that block SIEM data collection.

• Manage system deployments, upgrades, ongoing maintenance and operations.

• Configure and operate security device authentication, management and logging platforms.

• Provide Tier 3 support to SOC Analyst personnel who use the SIEM to respond to security incidents and events.

• Identify, troubleshoot and resolve complex network connectivity issues, and advise on network security related issues.

• Understand network and endpoint security tools, how they integrate into the SIEM, and how they combine to provide a cohesive view of network incidents and security.

• Configure backups, verify custom reports, manage log source groups and validate log sources.

• Provide occasional off-hours support for planned maintenance work and unplanned support issues. May occasionally require on-site work at a data center during off-hours.

Required Qualifications and Skills

• Bachelor of Science in Electrical Engineering, Computer Science or Information Technology, or equivalent data security and networking experience, required.

• CISSP, CISM, or relevant IPS vendor training/certification preferred.

• Professional certifications related to core expertise (McAfee preferred).

• Minimum 5 years McAfee ESM administration experience required.

• Minimum 5 years' experience as a SOC Analyst Level 2 or SOC Team Lead.

• Minimum 3 years' experience writing regular expressions for SIEM signatures.

• Server administration background: Windows and/or Linux/Unix.

Travel Requirements: No travel anticipated.


----CONTRACT LABOR CATEGORY DESCRIPTION----

Complete Description

Responsibilities:

1. Coordinates IT project management, engineering, maintenance, QA, and risk management.

2. Plans, coordinates, and monitors project activities.

3. Develops technical applications to support users.

4. Develops, implements, maintains and enforces documented standards and procedures for the design, development, installation, modification, and documentation of assigned systems.

5. Provides training for system products and procedures.

6. Performs application upgrades.

7. Performs monitoring, maintenance, or reporting on real-time databases, real-time network and serial data communications, and real-time graphics and logic applications.

8. Troubleshoots problems.

9. Ensures project life-cycle is in compliance with District standards and procedures.


SKILLS

Please use this table to list the skills noted in the Required/Desired section of the requirement. In addition, please respond with the years of experience for each skill and the last time each skill was used. Add or delete rows as necessary.

SKILL | YEARS USED | LAST USED
Overall IT Exp. (16+ yrs.) | |
Education: | |
Bachelor of Science in Electrical Engineering, Computer Science or Information Technology, or equivalent data security and networking experience. Required. | |
Certifications: | |
(ISC)² or ISACA certification (CISSP, CISM) OR relevant Intrusion Prevention System vendor training/certification (McAfee). Required. 1 Year. | |
McAfee ESM administration. Required. 5 Years. | |
Experience as a SOC Analyst Level 2 or SOC Team Lead. Required. 5 Years. | |
Experience writing regular expressions for SIEM signatures. Required. 5 Years. | |
Server administration background: Windows and/or Linux/Unix. Required. 5 Years. | |
Experience in network/system level administration and/or cybersecurity. Required. 16 Years. | |
16+ yrs. planning, coordinating, and monitoring project activities. Not Required. | |
16+ yrs. leading projects, ensuring they are in compliance with established standards/procedures. Not Required. | |