The role in question concentrates on engineering SIEM solutions for internal client groups. Security platform engineering and integration experience is essential as part of a global team responsible for deploying security controls at the firm.
The candidate must demonstrate strong technical qualities - preferably in a global environment, ideally within the finance industry.
- Evaluate, architect, integrate and deploy Event Monitoring platforms based on requirements from incident response teams and other clients.
- Onboard new log sources, with log analysis and parsing to enable SIEM correlation.
- Maintain security infrastructure, providing stability by following and using the tools, policies, processes and procedures available
- Provide reporting and metrics
- Provide consultancy services to other IT Security teams
- Create, review, maintain and update documentation in central knowledge base
- Work with global colleagues to provide globally consistent processes and solutions.
- Investigate and troubleshoot root causes when escalated from operations.
- Escalate and liaise with additional internal/external groups when required.
- Prior experience engineering and deploying SIEM solutions in an enterprise environment.
- Experience with one or more of Splunk, ArcSight ESM, IBM QRadar, RSA Security Analytics (NetWitness).
- Scripting and development skills (Perl, Python, Java, C#) with strong knowledge of regular expressions.
- Linux Sysadmin experience
- Interpersonal skills - Communication, flexibility, self-driven, team player
- Strong project management skills
- Strong general networking and security knowledge (Firewalls, Routing, DNS, NAT, packet trace and analysis, etc.)
- Database and "Big Data" knowledge - SQL, Hadoop, HIVE
- Knowledge of indicators of compromise (IOC) of systems and applications
- Familiarity with key security events on common platforms
- Industry Certifications such as CISSP, SANS etc.
100 Harborside Financial Center, 11th Floor
Jersey City, NJ 07311