SIEM Specialist

HCM Staffing and Consulting is seeking a Cortex Automation EEC. Apply via Dice today.

• As a Cortex Automation EEC, you are a critical part of our customers adoption of Cloud security integrations. You may be engaged with multiple clients as the subject matter expert, establishing relationships with them to ensure best practices for their secure cloud environments, throughout the lifecycle of their journey with our products. You ll guide them for quick and consistent adoption, accelerated integrations with new cloud security products, and real-time support and strategy.
• You ll act as their trusted advisor, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you ll partner closely with client personnel to guide them on their cloud security journey. Your thorough understanding of our product integrations contributes to the development of new principles and concepts providing detailed analysis around what s working, what s not, and what could be better.
• You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You re creative, innovative, and you love a challenge learning how integrations might work better around new products and technologies.

• Work in a hybrid setting (3 days per week on-site) in one of the following locations:
• Dallas TX, Middleton NJ, Charlotte, NC
• Lead security automation technical implementations in a customer environment
• Translate complex business requirements into best practice solutions
• Identify and document operational business processes for automated playbook development
• Prepare capacity planning, deployment, business continuity and configuration guides
• Ability to communicate effectively in various situations with all levels of an organization from Engineering/Operations to CIO/CISO audiences
• Present technical information to non-technical personnel
• Train and enable customer teams to be successful with our products
• Develop key performance indicators (KPIs), understand critical success factors, and continuously measure performance
• Engage with the account team to allow them to clearly understand the customer business & technical requirements as you learn through active engagement with the client

• Experience with security automation platforms and orchestration tools (SOAR)
• Familiarity with IDS/IPS, SIEM, and endpoint solutions
• Experience managing complex automated security solutions in large environments
• Deep understanding of security threats, internet protocols and cybersecurity tools and applications
• Project leadership experience; ability to drive organizations and resources to complete required tasks in service of end goals
• Detailed experience in the installation, configuration, operation and documentation of security solutions to prevent cybersecurity threats
• Experience working in a Security Operations Center (SOC) and documenting operational workflows
• Excellent written and verbal communication skills, with confirmed ability to communicate to senior leaders and technical peers
• Some understanding of Linux or Unix and network troubleshooting analysis
• Preferred experience in Python and/or Java script
• Preferred experience in cybersecurity incident response
• Previous experience with STIGs, RMF, NIST publications and/or SCAP
• GCIA, CISSP, CEH, and/or Security+ certifications is a plus

This role will serve as a SIEM specialist, complementing a Sr. EEC already on the account. This can be a mid- or senior-level position.

• SIEM Work & Knowledge:
  Senior level (5+ years of direct SIEM experience or a similar combination of experience).
• Industry Security Knowledge:
  Mid-level.
• Scripting:
  Required experience, preferably in
  * QL languages.
• Python:
  Highly desired.
• Automation/SOAR:
  Must understand automation concepts and be able to explain how SOARs operate. Functional experience is a bonus.
• SOC/IR:
  Must have a functional understanding of SOC and IR.