About the job XTN-A47B550 | SIEM PLATFORM SECURITY ENGINEER
About Nuspire:
Nuspire is a leading managed security services provider (MSSP) founded over 20 years ago to revolutionize the cybersecurity experience by taking an optimistic and people-first approach. Our deep bench of cybersecurity experts uses world-class threat intelligence and 24x7 security operations centers (SOCs) to detect, respond to and remediate advanced cyber threats.
Position Description:
The SIEM Platform Security Engineer is responsible for the design, configuration, operations, and service onboarding of Nuspire Managed Security Services. The employee will be responsible for the creation of procedures and the implementation of processes and solutions across internal and client environments.
Experience with SOC tools and SIEM platforms with situational awareness is necessary. Exceptional technical aptitude to work with new tools and products is a requirement. The employee will work closely with internal Nuspire teams and clients in a high-profile operations delivery role, providing high-level and mission-critical services to Managed Security Service clients. The role involves complex projects where analysis of situations or data requires evaluation of multiple factors. The ideal candidate will have at least 6 years of relevant experience.
This is a remote position.
To apply for Network / System / Database Administration, you are excellent at:
- Focusing on the design, implementation, and support of Fortinet FortiSIEM services delivered in an operational support model
- Advising best practice on SOC tools deployment and Enterprise Security products to both technical and relatively non-technical personnel.
- Serving as a primary responder for Managed Security FortiSIEM systems, taking ownership of client configuration and break-fix issues and tracking through resolution.
- Maintaining secure configurations on all internal and client managed platforms.
- Implementing and configuring leading-edge security software and appliance-based products in complex client environments.
- Providing remote consulting services via interactive sessions to assist with support of FortiSIEM collection and monitoring systems.
- Helping with implementation and best practices of a SIEM infrastructure in client environments.
- Providing guidance on configuration of Windows GPOs and best practices related to Windows Audit policies and Windows Event Forwarding.
- Acting as an escalation and exception processing resource for operational support
- Working on complex projects where analysis of situations or data requires evaluation of multiple factors.
- Troubleshooting application installation and operation issues related to a SIEM logging agent.
- Creating technical documentation to support operational processes, troubleshooting and security investigation techniques, and device secure configuration baselines, and collaborating on architecture and upgrades of the FortiSIEM environment.
- Establishing documentation for cybersecurity threat hunting processes to support investigation and reporting of security events and incidents
Your Success Profile includes:
- Minimum of 6 years of professional experience maintaining industry-leading security technologies or infrastructure systems in a complex technical IT operations environment.
- A degree or equivalent training with experience working in a Security Operations Center, Cyber Security, Managed Security Engineering team, or enterprise client environment.
- Familiarity with the FortiSIEM or AccelOps platform
- Knowledge of SOAR tool functionality and operations within an enterprise or MSSP environment.
- An understanding of network and cloud architecture and implementation is a must; the ideal candidate will have worked with complex network, cloud and host security tools.
- Superior IT problem-solving skills.
- Excellent time management, reporting, and communication skills.
- Ability to work long hours in a mission-critical environment with occasionally stressful situations.
- A strong sense of discretion and confidentiality
- Experience writing technical documentation and training junior employees.
- Familiarity with DevOps
- Knowledge of Linux and Windows Systems
- Experience with network and cloud security controls and tools.
Preferred Skills:
- Experience with Google Chronicle in an enterprise or MSSP environment.
- An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
- Experience with multiple SOC tools, such as Splunk and MS Sentinel.
- Experience with endpoint security controls and tools, such as SentinelOne, Palo Alto Cortex and Qualys.
- Experience implementing SIEM environments in cloud environments such as AWS, Azure, GCP and OCI.