Cyber Security Tools Engineer

  • Direct Hire
  • Phoenix,

Heitmeyer Consulting

Job Title: Cyber Security Tools Engineer 2
Location: Phoenix, AZ/ Las Vegas, NV/ Dallas, TX / Columbus, OH

What you’ll do:
The Cyber Security Tools Engineer 2 is responsible for the patching, maintenance, enhancement, tuning, documentation, and day-to-day operation of enterprise-class Cyber Security Tools. This position will focus specifically on SIEM operations (Elasticsearch) and integration with various logging resources throughout the enterprise. The position will report to the Director of the Cyber Security Monitoring Center, and coordinate their efforts with the lead Principal Engineer.

What we are looking for:
In coordination with fellow engineers and the lead Principal Engineer, maintains a highly effective, well-tuned, and operational SIEM leveraged by Cyber Security Analysts for the effective analysis of Cyber threats across a financial enterprise landscape. Coordinates and documents the changes to the Elasticsearch SIEM environment to include ingestion of new logging from applications or infrastructure. Adapts to the well-established norms and procedures of the Security Monitoring System including change ticket reviews; weekly engineering meetings; Elastic Common Schema; Kanban milestone tracking; and SharePoint / WIKI documentation. Offers audit review of Cyber Security tools. When called upon, offers a secondary review of Security Analysis tickets.

Qualifications:

    • Bachelor’s Degree
    • 4 years of experience in the field of cyber security and/or IT and demonstrated experience in ownership management of one or more Enterprise IT or Security products or services.
    • 2+ years of experience using Elasticsearch SIEM
    • Previous experience using the Linux operating system and demonstrated knowledge of one or more of the following: Syslog; JSON; XML; Windows Event Logs; SIEM.
    • Previous scripting experience, to include one or more of: Python, PowerShell, BASH, YARA, Ruby, Perl
    • Candidate will have platform or technology certifications to include one or more of: CompTIA Security+; CompTIA Linux+; CompTIA Cloud+; CompTIA CySA+; Certified Ethical Hacker; AWS or Azure Security Specialty; GIAC Certifications; Elasticsearch Certification; Infrastructure Certification (Cisco, Microsoft, AWS, VMware, Linux or other
