Description

Top Skills Details

  • 8+ relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles and experience with the below responsibilities:
  • Experience writing and tuning detections.
  • Experience with SIEM tools.
  • Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within AWS.
  • Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
  • Experience with a range of AWS . Azure native services and tools (i.e. Guard Duty, Security Hub)
  • Understanding of threat frameworks, such as MITRE Telecommunication&CK for Cloud and D3FEND.
  • Understanding of Risk Management principles.
  • Experience in building, configuring, operating and/or securing cloud infrastructure and applications in AWS / Azure with either native cloud service provider capabilities or 3rd party vendor tools.
  • Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
  • Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
  • Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 27001).

 

Req Description

 

Description

Our banking client is looking for an experienced Senior Cloud SIEM Engineer to join our Cyber Security Operations team. The ideal candidate must have deep knowledge of security controls, tools, features, and operations for AWS / Azure. Candidate should be able to demonstrate relevant experience with implementing and enhancing detective capabilities in a fully managed AWS / Azure environment. The candidate should be intellectually curious about technology and the evolving threat landscape.

 

This role will help to build a detection engineering process and culture for a SIEM platform covering on-prem and multi-cloud environments while serving as a technical subject matter expert for the AWS / Azure environment. It will partner with teams across the security organization to design, develop, tune, and maintain detection content to protect the client and support the their information security policies and/or procedures.

 

Enterprise Req Skills

siem,detection,cloud,azure,aws

 

Preferable Certifications

• CCSP / CCSK

• CISSP / CISM / Security +

 

 

Workplace Type

Hybrid

 

 

External Communities Job Description

We are looking for a cloud focused SIEM Engineer.

 

EVP

This is a huge effort to move to the public cloud both in AWS and Azure for a very large financial institution, one of the largest both domestically and internationally. This person will get to work side by side with both AWS and Azure in this effort. They will get to utilize all of their skills, if they get brought on for this one role they could get pulled into another role or team based on their skill set and could also gain lots of experience across different platforms and skill sets. They are also looking to bring some of these people on FTE as they are looking to operationalize the cloud and need to bring and keep the knowledge in house in order to do that.

 

Work Environment

This resource will be required to sit onsite 3 days a week and 2 days remote. They can choose the days they go in and work remotely. Denver or Chicago are the preferred metro areas.

 

Additional Skills & Qualifications

• Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.

• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

• Highly organized and motivated self-starter who can deliver results with minimal direction.

• Bachelor's or Master's Degree in Computer Science, Information Systems, Cyber Security, or related field

Education

Bachelor's degree