Job ID: 16122
Company: Internal Postings
Location: SEATTLE, WA
Type: Contract
Duration: 3 months
Salary: open
Status: Active
Openings: 1
Posted: 06 Sep 2018
Job Seekers, Please send resumes to resumes@hireitpeople.com
Detailed job description:

Area of Responsibility:
• Assess SOC processes and identify improvement opportunities
• Assess SIEM use cases and identify gaps
• Perform Splunk (SIEM) Level 2/3 activities
• Create use cases and implement them
• Document the improvement implementation plan
• Provide advisory services for IT security infrastructure and recommend solutions, if needed, for the following domains:
  o Identity & Access Management
  o Application Security & Vulnerability Management
  o Data Security & Privacy
  o Infrastructure/Cloud Security
  o Security Operations Center
• Coordinate efforts with technical stakeholders, including Architects, Business Leads and various teams
• Planning and reporting activities

Education Qualification:
• Bachelor's degree or foreign equivalent required. Three years of relevant work experience will also be considered in lieu of every year of education.
• At least 8 years of experience in Information Security.
Knowledge and Skills:
• The ideal candidate has at least 8 years of experience focused on SIEM/SOC operations, network security architecture, firewalls, VPN, etc.
• Hands-on experience with Splunk, Cisco/Palo Alto firewalls, endpoint security, etc. is a must.
• Good understanding of Splunk architecture and its components (indexer, forwarder, search head, deployment server).
• Installation and configuration of all Splunk components.
• Hot, warm, cold and frozen bucketing; use of IFX, the rex command and REGEX in configuration files.
• Knowledge of the EXTRACT keyword and sed.
• Knowledge of search commands such as stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries and table.
• Difference between eventstats and stats; timechart attributes such as span and bins.
• Creating dashboards and reports using XML; inline search vs. scheduled search in a dashboard.
• Various chart types; app creation; user and role access permissions.
• Creating and managing apps; creating users and roles; permissions on knowledge objects.
• Techniques to optimize searches for better performance.
• Search-time vs. index-time field extraction.
• CISSP, CISM, CISA, CEH or other information security certifications are preferred but not mandatory.