job summary: Kindly reach out to me by sending your resume to joffy.thomas@randstadusa.com if you have SIEM experience and are a security engineer.

Required Skills
- 3-5
- US Citizen
- Enterprise/MSSP and/or cloud Security SIEM technologies
- CompTIA Security+ certification or equivalent/higher
- Ability to work a rotating shift

Desired skills, responsibilities, experience needed

Candidate Requirements
Candidate should have strong communication skills, both written and verbal, and be comfortable presenting information to teammates, customer technical personnel, and AT&T Leads and Managers.

The preferred candidate is REQUIRED to have:
- Demonstrated experience using Enterprise/MSSP and/or cloud Security SIEM technologies as an analyst.
- Ability to support and work across multiple customer and bespoke systems.
- Ability to pass a CJIS background check process and other background checks to comply with customers' contracts.
- Completion of basic safety and security training to meet the customer requirements.
- Ability to work a rotating shift and on-call schedule as required.
- CompTIA Security+ certification or equivalent/higher.
- Selected candidates must be US Citizens.

Candidate Preferred Requirements
A candidate holding one or more of the following industry certifications will be a plus:
- CompTIA Security+
- Other certs, such as CompTIA Networking+, any Cloud certifications, Devo, Splunk, Azure Sentinel
- Eight (8) years of Security Incident Response, Security Operations Center, and/or threat analysis experience, with five (5) years as part of a Perimeter team.

Qualifying Experience and Attributes
- Experience with SIEM tuning.
- Experience with log ingestion into the SIEM via raw log ingestion, email, and API.
- Ability to create and maintain custom reports, dashboards, and views using the SIEM.
- Ability to create 'use cases' to customize the alerting of the SIEM to meet customer needs.
- Strong knowledge of virtualized or cloud computing.
- Strong knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of MITRE ATT&CK and MITRE D3FEND.
- Ability to interpret the information collected by network tools (e.g., nslookup, ping, and traceroute).
- Knowledge of cybersecurity and privacy principles.
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Knowledge of incident response and handling methodologies.
- Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
- Knowledge of security system design tools, methods, and techniques.
- Knowledge of what constitutes a network attack and its relationship to both threats and vulnerabilities.
- Knowledge of cyber defense and information security policies, procedures, and regulations.
- Knowledge of cyber attackers (e.g., script kiddies, insider threats, nation-state and non-nation-state sponsored).
- Knowledge of system administration, network, and operating system hardening techniques.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services.
- Knowledge of how to use network analysis tools to identify vulnerabilities.
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
- Skill in performing packet-level analysis.

Responsibilities
- Provision security tools for customers.
- Help determine tactics, techniques, and procedures (TTPs) for security tools.
- Characterize and analyze network traffic to identify anomalous activity, malicious activity, and potential threats and/or vulnerabilities to network resources.
- Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Perform cyber defense trend analysis and reporting.
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
- Provide daily summary reports of network events and activity relevant to cyber defense practices.
- Create and document procedures and work instructions for use by the SOC staff (Tier 2 through Tier 3).
- Train and mentor other SIEM Engineers and/or SOC Analysts as needed.
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Work with provided security policies to design and implement network and security rules and configurations across various security platforms.

location: Austin, Texas
job type: Contract
salary: $70 - 72 per hour
work hours: 8am to 4pm
education: High School
qualifications:
Experience level: Experienced
Minimum 5 years of experience
Education: High School

skills: SECURITY ENGINEER, SECURITY, SECURITY ANALYST, SIEM, US Citizen, CompTIA Security +, cloud Security, SOC Analyst, SIEM Security Engineer, FIREWALL ENGINEER, Firewall Engineering, Network Security, SECURITYADMIN, Juniper

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.