Santa Ana, CA, 92702, USA
2 days ago
Principle SIEM Engineer (Hybrid in Orange County, CA)
Job Description An enterprise level client is looking for a Principle SIEM Engineer to join their Information Security Organization. This senior technical role is responsible for enhancing and expanding the Security Operations Center (SOC) logging and monitoring functions. It is a collaborative position that requires an advanced interdisciplinary technical background, including expertise in systems and application administration, data engineering, security operations, and detection engineering. SIEM Infrastructure: Design, implement, and maintain the SIEM infrastructure, including multi-cloud deployments. Data Management: Use platforms and tools for efficient data routing, parsing, and filtering. Apply data engineering concepts to enhance infrastructure. Log Analysis: Collect, analyze, and correlate logs. Develop and fine-tune correlation rules, alerts, and dashboards. Advanced Analytics: Use advanced analytics and machine learning for proactive threat detection. Collaboration: Work with offensive and defensive security teams to improve detection and response strategies. Collaborate with cross-functional teams to mitigate security risks. Automation and Compliance: Implement automation opportunities and perform regular security audits to ensure compliance. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .     To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ . Skills and Requirements - 8+ years of experience within a SIEM environment   Extensive experience with Splunk and Cribl, including deployment, configuration, optimization, and administration   Hands-on experience developing, tuning, and deploying security detections - Strong understanding of network protocols, firewalls, IDS, endpoint security, and cloud environments (Azure, AWS, GCP). Proven ability to secure infrastructure in these clouds - Knowledge of MITRE ATT&CK, COBIT, NIST 800-53, ISO27001, SSAE16, SOC1, SOC2 - Proficient in Python, PowerShell, Bash; experience with AWS Lambda and Azure Functions is a plus - Certifications: Relevant certifications such as Splunk Certified Power User/Admin, Cribl Certified Admin, Security+, CEH, OSCP, CISSP null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.
Confirm your E-mail: Send Email