Software Engineer Defense Engineering Us Fortune 500 Convenience Store Retailer Years
Duties and Responsibilities:
Create new detection and alerting content based on emerging threats and internally created use cases.
Tune existing content based on SOC analyst feedback.
Scripting and automation experience Korn Shell, OR Bash Script OR Python OR Perl OR Powershell OR SQL Or shell Scripts, OR Java Script OR Ruby.
Integration of Cyber Kill Chain methodology into Siem content.
Case Management System maintenance
Evaluate, select, deploy, support and manage the tools used by security analysts.
Required qualifications:
3-5 Years of experience working with various security methodologies and processes; advanced knowledge of TCP/IP protocols; experience configuring and optimizing various technical security solutions; extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices; and expert knowledge in two or more of the following areas related to cybersecurity:
Siem content management
Security automation and orchestration
Continuous diagnostics and mitigation
Access Control and Authorization
Endpoint Protection
Application Security
Protocol Analysis
Incident Response
Encryption
Web?filtering
Advanced Threat Protection
Preferred Certifications: Splunk Enterprise Security Certified Admin, Certified Cloud Security Professional (CCSP), GIAC Certified Incident Handler (GCIH)