SecureSky, Inc. is Seeking a Cloud SIEM Implementation Engineer
SecureSky offers a full portfolio of cybersecurity services, focused on securing public cloud infrastructure and SaaS environments. This position is a full-time permanent position in our Services group.
This is a client-facing, service implementation role. The successful candidate will act as a client SIEM implementation engineer, serving as the technical security resource who assists SecureSky clients with SIEM implementation. This is a key, highly visible role with emerging cloud technologies that will transition clients from the sales process to our operational team.
This role will take hand-off from the sales and sales engineer teams and implement security monitoring capabilities in client environments per contractual agreements. Responsibilities include:
- Creating project management estimates and timelines to meet client delivery expectations
- Assisting clients with design and setup of security log collection technologies (syslog, rsyslog, syslog-ng)
- Developing connections to cloud APIs and on-premise log collection technologies
- Configuring client devices for required log outputs
- Log parsing and troubleshooting
- Deployment of dashboards, hunting queries and alert rules
- Hand-off to operational teams for ongoing detection and response subscription services
Required Client Experience:
The successful candidate will have experience:
- Working in a consulting or client-facing environment, with a proven track record of client success
- Planning and managing projects for multiple clients at one time
- Communicating with technical and non-technical resources, including the ability to explain technical topics to non-technical audiences
- Writing client communications and internal documentation effectively
Primary technical work will consist of onboarding security technologies to the Microsoft Azure Sentinel SIEM platform. Technical experience that would be beneficial for this role includes experience with some of the following:
- SIEM platforms (Splunk, QRadar, Rapid7, Sumologic)
- Implementing and troubleshooting syslog, rsyslog, syslog-ng
- Extracting logs via APIs
- Configuration of logging and auditing for security technologies (e.g., firewall, endpoint)
- Log parsing and analysis
- Creating alert detection rules
- Cloud technologies, especially Microsoft 365, Azure (such as Log Analytics and Logic Apps), and Azure Sentinel
- Experience with Azure Notebooks/Jupyter Notebooks a plus
No certifications are required for consideration, but certifications that may be beneficial for this role include:
- GIAC Certified Detection Analyst
- MS Azure Solutions Architect
- Azure Security Engineer Associate
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is quiet.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this position, the employee is constantly required to use hands to finger, handle or feel, talk or hear, and occasionally required to stand, walk and sit. The employee may occasionally lift and/or move up to 10 pounds.
Specific vision abilities required by this job include close vision, distance vision, color vision and the ability to adjust focus.