Overview
The PennyMac Information Security department is looking to bring on an engineer that will provide expertise and leadership for SIEM technologies, security data lake engineering, and their associated technology ecosystem integrations.
Job Description

• Subject matter expert in the onboarding, maintenance, and documentation for SIEM technology components.
• Lead SIEM solution engineering efforts to manage environment changes and operationalize new system capabilities.
• Create and provide oversight for rule creation to generate actionable security alerts, meet audit requirements, conduct incident response investigations, and manage visibility into threats.
• Manage and ensure the lifecycle, availability, and recoverability of PennyMac's SIEM technology ecosystem.
• Provide architectural direction, documentation, and oversight over SIEM including but not limited to log collection, aggregation, indexing, search, alerting, and integrations.
• Manage SIEM access lifecycle activities including RBAC and account creation, modification, and deletion.
• Manage implementation of product enhancement adoption and integration into operations.
• Responsible for mentoring and training junior staff in SIEM operations.
• Create custom documentation related to SIEM architecture, engineering, operations, and maintenance.
• Attend vendor specific training and conferences and lead dissemination of lessons learned to internal stakeholders.
• Drive and execute technology proof-of-concepts, vendor comparison analysis, and requirements development.
• Provide support to information security incident response activities.

Ideal Candidate will have the following:

• Bachelor's Degree from an accredited college or equivalent work experience.
• Minimum 3 years experience in SIEM technology administration, architecture, and engineering.
• Working knowledge of SIEM technology with the ability to evaluate technical capability differences between vendor offerings.
• Strong understanding of information security and computer networking architectural frameworks, vulnerability management, and cyber incident response.
• Strong understanding of REST API architecture and security requirements.
• Experience with AWS architecture, engineering, and security technologies.
• Desired scripting experience in Python or Powershell.
• Desired expert understanding of all or most AWS IaaS/PaaS, Linux, Windows Server, Windows Desktop, VMWare, and MacOS (in order or importance) secure configuration management and security controls.
• Capable of architecting, engineering, and operationalizing information security technologies through plan, development, build, test, release, deploy, operate, and monitor phases of the SDLC.
• Strong written and verbal communication with ability to work in GSuite productivity suite.
• Preferred to have Security+, CISSP, SANS, CEH or other industry certifications.
• Excellent time management and organizational skills.
• Ability to work nights and weekends as required by cyber security incidents or to meet compliance deadlines.
• Ability to self-start and spearhead initiatives with minimal direction and oversight.

Years of Experience:
7Education:
Bachelor's Degree