Manager, SIEM Engineering


Essential Responsibilities

  • Responsible for the monitoring and stability of the SIEM platform
  • Develop integration and automation solutions to extend the capability of IBM QRadar and Resilient
  • Gather use case requirements and develop solutions for the cyber threat detection team
  • Remediate ongoing and new SIEM Application defects / process failures
  • Facilitate SIEM Change Requests (upgrades, tuning, break fixes, etc.)
  • Onboard new application and platform logs via syslog, endpoint agents, and APIs
  • Build and maintain operational documentation to support the SIEM platform
  • Serve as the lead SIEM Engineer while mentoring and developing junior members of the team

Qualifications/Requirements

  • Bachelor's Degree in Information Systems / Technology, Computer Science / Engineering or equivalent field of study or a minimum of 4 years of work experience in an Information Technology field
  • 4+ years of work experience in the Cyber Security field in a security operations role
  • 2+ years of work experience with IBM QRadar in an engineering/consultative capacity
  • Demonstrable QRadar integration and application development skills using the App SDK and RestAPI
  • Proficient in development and maintenance of Python scripts (v2.7 and v3.x)
  • Experience with BASH, Ruby, Perl, PowerShell scripting languages a plus
  • Strong Linux/UNIX and/or Windows administration skills
  • Experience with administration and integration/automation of IBM Resilient a plus
  • Experience with SOAR or similar automation/orchestration technologies a plus
  • Good understanding of network transport protocols and services (TCP/IP, Syslog, ODBC, SFTP, SSH, PKI, etc.)
  • Good understanding of the MITRE ATT&CK framework
  • Experience handling multiple projects, deadlines, and resources with minimal supervision
  • Experience working as a member of a geographically diverse team
  • Excellent written and verbal communication skills and attention to detail
  • SANS, Microsoft, Linux, Networking, or Security certifications a plus
  • Occasional travel including international travel may be required (team meetings, training, etc.) up to 15% of the time.

 

The Financial and Risk Business of Thomson Reuters is now Refinitiv. Refinitiv equips the financial community with access to an open platform that uncovers opportunity and catalyzes change. With a dynamic combination of data, insights, technology, and news from Reuters, our customers can access solutions for every challenge, including a breadth of applications, tools, and content—all supported by human expertise. At Refinitiv, we facilitate the connections that propel people and organizations to find new possibilities to move forward.

As a global business, we rely on diversity of culture and thought to deliver on our goals. Therefore, we seek talented, qualified employees in all our operations around the world, regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Refinitiv is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

