SecureSky, Inc. is Seeking a Cloud SIEM Implementation Engineer

SecureSky offers a full portfolio of cybersecurity services, focused on securing public cloud infrastructure and SaaS environments. This position is a full-time permanent position in our Services group.

This is a client-facing, service implementation role. The successful candidate will act as a client SIEM implementation engineer, serving as a technical security resource who assists SecureSky clients with SIEM implementation. This is a key, highly visible role with emerging cloud technologies that will transition clients from the sales process to our operational team.

Responsibilities:

This role will take hand-off from the sales and sales engineer teams and implement security monitoring capabilities in client environments per contractual agreements. Responsibilities include:

·       Creating project management estimates and timelines to meet client delivery expectations

·       Assisting clients with design and setup of security log collection technologies (syslog, rsyslog, syslog-ng)

·       Developing connections to cloud APIs and on-premise log collection technologies

·       Configuring client devices for required log outputs

·       Log parsing and troubleshooting

·       Deployment of dashboards, hunting queries and alert rules

·       Hand-off to operational teams for ongoing detection and response subscription services

Required Client Experience:

The successful candidate will have experience:

·       Working in consulting or client-facing environment, with a proven track record of client success

·       Planning and managing projects for multiple clients at one time

·       Communicating with technical and non-technical resources, and the ability to communicate technical topics to non-technical audiences

·       Writing client communications and internal documentation effectively

Preferred Technical Experience:

Primary technical work will consist of onboarding of security technologies to the Microsoft Azure Sentinel SIEM platform. Technical experience that would be beneficial for this role includes experience with some of the following:

·       SIEM platforms (Splunk, QRadar, Rapid7, Sumologic)

·       Implementing and troubleshooting syslog, rsyslog, syslog-ng

·       Extracting logs via APIs

·       Configuration of logging and auditing for security technologies (e.g., firewall, endpoint)

·       Log parsing and analysis

·       Creating alert detection rules

·       Cloud technologies, especially Microsoft 365, Azure (such as Log Analytics and LogicApps), and Azure Sentinel

·       Experience with Azure Notebooks/Jupyter Notebooks a plus

Certifications:

No certifications are required for consideration, but certifications that may be beneficial for this role include:

·       GIAC Certified Detection Analyst

·       MS Azure Solutions Architect

·       Azure Security Engineer Associate

Working Environment:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is quiet.

Physical Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this position, the employee is constantly required to use hands to finger, handle or feel, talk or hear and occasionally required to stand, walk and sit. The employee may occasionally lift and/or move up to 10 pounds.

Specific vision abilities required by this job include close vision, distance vision, color vision and the ability to adjust focus.

This position has been filled.