SANS ISC: InfoSec Jobs

This listing has expired and therefore is not publicly viewable.

Information Security Engineer
Company Victaulic
Location Easton, PA
Preferred GIAC Certifications GSEC, GCDA
Travel 0%
Salary Not provided
URL http://app.jobvite.com/m?3KEINlwJ
Contact Name Justin
Contact Email justin.barber/at/victaulic.com
Expires 2021-09-03

Job Description

JOB OVERVIEW:
The Information Security Engineer is responsible for delivering world class IT services in a fast-paced, challenging global environment. The Engineer will develop and maintain IT processes and systems, with a primary focus on security information and event management (“SIEM”) and threat hunting. Information Security experience is required, but direct SIEM experience is not; relevant training will be provided.

RESPONSIBILITIES AND DUTIES:

--Implement, maintain, and troubleshoot Splunk SIEM system. Includes intake of various log sources and creation and maintenance of queries, dashboards, apps, alerts, and reports.
--Maintain awareness of and help to implement IT and IT information security best practices, particularly as they relate to SIEM, log analysis, and threat hunting.
--Maintain operational knowledge of cyber risk and its potential likelihood and impact.
--Act as part of a team investigating, triaging, and responding to potential incidents, with a focus on log analysis and interpretation.
--Utilize SIEM and other systems to proactively hunt for threats.
--Evaluate the effectiveness of existing security controls and recommend relevant enhancements.
--Participate in security audits and red/blue/purple team exercises.
--Collaborate on cross-functional projects to ensure risk is managed throughout project lifecycles.
--Work assigned support tickets.
--Occasional off-hour availability for responding to unanticipated events.

QUALIFICATIONS

--Extensive experience with Microsoft operating systems.
--Experience with typical information security tools and processes.
--Experience with programming or scripting languages, such as PowerShell, Python, Bash, SQL, and/or regular expressions.
--Experience researching and crafting innovative solutions to challenging technical problems.
--Experience evaluating and implementing new technology.
--Familiarity with reading and understanding application and operating system logs.
--Familiarity with network technology, Active Directory, macOS, Linux.
--Familiarity interpreting and acting on alerts from disparate IT systems as part of an IT incident management team.
--Basic knowledge of SIEM systems and purposes.
--Splunk-related certifications are preferred although not required, as are IT information security-related certifications such as those from GIAC/SANS, CompTIA, or (ISC)².
--Strong verbal and written communication skills.
--Ability to diagnose issues quickly in a diverse, fast-paced environment.
--Ability to effectively manage and complete multiple projects and tasks.