SIEM Engineer at Fivesky

| Baltimore, MD
Sorry, this job was removed at 4:32 p.m. (CST) on Wednesday, November 3, 2021
Find out who's hiring in Nationwide.
See all Developer + Engineer jobs in Nationwide
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Fivesky is looking for a highly motivated and talented SIEM Engineer  to join a team that supports a global player’s Cybersecurity response team. Ideally you have Splunk skills, creating and maintaining analytics, knowledge or interest of Cybersecurity (blue team and Security Operations Center(SOC) /Managed Security Service Provider-(MSSP)) and some Python scripting skills 

What you’ve done:

  • 3+ years of hands-on SIEM experience (Preferably Splunk).
  • Worked with ArcSight ESM, creating rules, filters, and active lists
  • Used Splunk ES  and the following features (Searching, Reporting, Alerting, Dashboards, and, Correlation searches)
  • 3+ years of operational security experience (SOC or MSSP)
  • 2+ years of software development experience within an a SIEM environment
  • Analyzed data, developed alerts, and designed dashboards
  • Comfortable with Unix and Windows commands
  • Worked in a fast-paced multifaceted DevOps environment

What you will do:

  • Lead the effort to migrate detection rules to Splunk ES and maintain existing Arcsight platform 
  • Migrate the contents of Arcsight to Splunk knowledge objects.
  • Work with closely with engineering on field extractions and log validation
  • Use Python within a SOAR (Security Orchestration, Automation, and Response) environment to automate incident response
  • Utilize reference data and normalize log data for analytics
  • Create analytics in Splunk and Splunk ES 
  • Make changes where needed to improve analytics
  • Create data dictionaries for log sources
  • Check the health and monitor root-causes to support production platforms 

Would be awesome if you:

  • Utilize Python for automation 
  • Have Regex experience
  • Certifications like (Splunk Certified Consultant / Splunk Certified Enterprise Security Certified Admin) 
  • Knowledge of ETL processes and SIEM technologies, like ArcSight, QRadar, Splunk.
  • Worked throughout the SDLC and have  experience deploying software into production
  • Experience with using Rsyslog, Syslog-NG, Nifi and Kafka to streaming data
  • Passion for Cybersecurity

At Fivesky, our employees are our greatest asset and the focal point around which we operate; therefore, we always want the best for our employees. In addition to offering competitive compensation plans and long-term career opportunities, we offer an attractive mix of benefit plans to our employees that include provisions for vacation, holiday pay, and sick days.

Fivesky is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, genetic information, or any other characteristic protected by law.

This is a full-time opportunity in Baltimore, MD. Salary is open based on experience and qualifications.

(FS-RID-0398) 

More Information on Fivesky
Fivesky operates in the Security industry. The company is located in New York, NY. Fivesky was founded in 2012. It has 71 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Dental Benefits, Vision Benefits, Health Insurance Benefits, Life Insurance and 401(K). To see all 63 open jobs at Fivesky, click here.
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Fivesky's full profileFind similar jobs