SKOUT CYBERSECURITY provides cyber security monitoring and unparalleled customer service to organizations around the globe. SKOUT's security team deploys the industry's most cutting-edge tools at affordable prices, providing the technology and protection to make cyber security accessible for all.
We have an exciting new opportunity for an experienced SIEM Engineer. This role reports to the VP of Cyber Intelligence Center and works closely with our SOC, DevSecOps and Software Engineering team.
This position requires a strong background in SIEM technologies, as it is focused on data ingestion from multiple IaaS, PaaS and SaaS services. You will be part of a team that is directly responsible for detecting security threats across SKOUT customers. You have strong hands-on technical experience in delivering use cases and detection rules for multiple attack vectors. You understand that moving fast is key for the company, and that keeping services available 24x7x365 requires on-call participation, a focus on automation, careful planning of changes, and detailed runbooks and documentation. More so, you make things happen. You have a natural curiosity for all things security and 'geek out' on all things tech-related. You will collaborate with other team members daily, and being a team player is a must for success in this role. You are passionate about security and about working with SIEMs, AWS, Azure, Docker, k8s and automation apps.
- Research new and existing log sources and evaluate and implement counter detection methods.
- Develop and maintain new and existing use cases and rules.
- Manage, maintain and upkeep SIEM Application.
- Provide after-hours escalation support to ensure SIEM uptime.
- Provide guidance on the implementation of rules and event correlation for the SIEM environment.
- Develop detection rules to support alerting and response capabilities for our SOC services.
- Assist the SOC with customer meetings and support requests.
- Design custom dashboards for the SOC to enable faster alarm analysis.
- Participate in various attack-and-defend exercises with our SOC.
- Troubleshoot issues with log sources and parsing.
- Develop and document runbooks for SIEM alarms.
- Implement and execute procedures for the administration, management and lifecycle of the SIEM.
- Lead Incident Response engagements.
- Experience in developing parsers and SIEM correlation rules to detect new threats beyond current capabilities.
- Knowledge of RegEx patterns and expressions
- Hands-on experience with Windows, Unix and Linux operating systems
- Understanding of OSI layers, network protocols (IP, ICMP, TCP, UDP), network services (DNS, DHCP, HTTP) and routing protocols
- Working knowledge of threat intelligence to interpret IOCs and translate them into SIEM alerting
- Experience with IDS & IPS
- Coding skills in Python, PowerShell & Bash (Highly Preferred)
- Hands-on experience with cloud architecture such as AWS or Azure
- CEH, CCNA or AWS certifications (Highly Preferred)
- 4 years of experience in the security field
- 2+ years of SIEM experience with ElasticSIEM, Qradar, LogRhythm, FortiSIEM or Sumo Logic
- Experience with use-case development
- Experience in Incident Response preferred
- BS in Computer Science, Cyber Security, or Information Security (Preferred)
- Comprehensive medical, dental and vision insurance
- 401K with a 4% match
- Paid parental leave
Due to the volume of applications we receive, only shortlisted candidates will be contacted.
SKOUT has preferred agency relationships and does not accept unsolicited agency resumes. Please do not forward resumes to our jobs email address, our employees or mail to our office locations. SKOUT is not responsible for any fees related to unsolicited resumes.
SKOUT is an equal opportunity employer that values diversity in our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. In fact, we know that the most inclusive and diverse teams accomplish the most extraordinary results.