Cyber Security Consultant

$145,000 - $165,000/Yr

Zachary Piper Solutions - McLean, VA

posted 2 months ago

Full-time - Mid Level
McLean, VA
Professional, Scientific, and Technical Services

About the position

Piper Companies is seeking a Remote Cyber Security Consultant (SOAR) to join an international leader in cybersecurity services. The Consultant will play a pivotal role in assisting with log migration and detection strategy for clients. This position requires a deep understanding of Security Information and Event Management (SIEM) systems and the ability to implement effective log ingestion strategies that enhance threat detection capabilities. The Consultant will work closely with both internal and external teams to ensure the successful adoption of cybersecurity products and services, contributing to the overall security posture of the organization. In this role, the Consultant will collaborate with the technical lead to develop a comprehensive log ingestion strategy that aligns with industry best practices. This includes documenting a detailed step-by-step process for ingesting high-quality log sources and monitoring these sources to optimize their efficiency. The Consultant will also be responsible for creating high-quality correlation rules that enhance threat detection and tuning both log sources and correlation rules for optimal performance. As a Subject Matter Expert (SME) in SIEM, correlation, and log source ingestion, the Consultant will identify opportunities for automation to improve analyst alert handling and create technical documentation detailing the SIEM aspects of the engagement. The position requires a proactive approach to cybersecurity, with a focus on continuous improvement and adaptation to emerging threats. The Consultant will need to stay updated on the latest trends and technologies in cybersecurity to effectively support clients and enhance their security operations.

Responsibilities

  • Collaborate with the technical lead to develop a log ingestion strategy.
  • Contribute to the detection strategy based on industry best practices.
  • Document a detailed step-by-step process for ingesting high-quality log sources.
  • Monitor and optimize log sources for maximum efficiency.
  • Create high-quality correlation rules to enhance threat detection.
  • Tune log sources and correlation rules for optimal performance.
  • Serve as a Subject Matter Expert (SME) for SIEM, correlation, and log source ingestion.
  • Identify opportunities for automation to improve analyst alert handling.
  • Work closely with internal and external teams to ensure product adoption.
  • Create technical documentation detailing SIEM aspects of the engagement.

Requirements

  • 6+ years of experience in deploying and integrating SIEM solutions in enterprise to large enterprise-level environments.
  • Experience with Security Operation Centers tooling and processes.
  • Experience in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using SIEM platforms.
  • Ability to create and develop correlation and detection rules within a SIEM to support alerting capabilities.
  • Experience with a variety of SIEM technologies such as Splunk, IBM QRadar, etc.
  • Proven ability to suggest detection strategies based on customer requirements.
  • Strong skills in Regular Expressions.
  • Ability to understand logs and locate/understand third-party documentation when necessary.
  • Familiarity with reports on the status of the SIEM, including metrics such as the number of logging sources, log collection rate, and other performance metrics.
  • Knowledge of Security Analysis & Response, including endpoint, network, and cloud-based environments, is a plus.
  • Relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.).

Benefits

  • Healthcare
  • Dental
  • Vision
  • PTO
  • Holiday

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service