UltraViolet Cyber is seeking a highly skilled SecOps Engineer with expertise in Chronicle SIEM and SOAR to join our dynamic team. If you are passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you.
The SecOps Engineer will be responsible for deploying, configuring, and managing our security information and event management (SIEM) tool, Chronicle SIEM, and developing Security Orchestration, Automation, and Response (SOAR) workflows. The ideal candidate will have a deep understanding of security incident and event management, automation, and orchestration, and will play a critical role in protecting our organization from security threats.
No third-party candidates will be considered
Skills and Responsibilities
- Design, develop, and implement SIEM rules and detections within the Chronicle SIEM platform.
- Develop and implement Google SOAR workflows to automate incident response tasks.
- Utilize regex for efficient log parsing and extraction of relevant security events.
- Create and customize dashboards for real-time monitoring of security events, and generate reports for different stakeholders.
- Document SIEM configurations, detection rules, and incident response procedures.
- Stay current with emerging threats and security best practices, recommending improvements to the SIEM configuration.
- Participate in an on-call schedule for high-priority issues.
- Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.
- Collaborate with the security operations center (SOC) team to ensure effective incident response and threat hunting.
- Automate responses to alarms and enrich data from outside sources.
- Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.
- Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.
Required Experience:
- Experience in configuring Chronicle SIEM from initial setup to full production deployment.
- Experience with data ingestion, normalization, and log management.
- Familiarity with threat intelligence integration and automated playbook development.
- Experience in a technology-planning role and evaluating new technologies.
- Excellent verbal & written communication and presentation skills.
- Passion for technology and staying current with emerging security trends.
What We Do
Unified Security Operations, Delivered. We tear down the walls between red and blue teams & address risk exposure when it’s discovered—not weeks later. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions.
Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as- code platform combines technology innovation and human expertise to make advanced real time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously optimized identification, detection and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients.
UltraViolet Cyber is headquartered in McLean, Virginia with global offices across the U.S. and in India.