CRH Americas - Atlanta, GA

posted 4 months ago

Full-time - Mid Level
Atlanta, GA
10,001+ employees
Nonmetallic Mineral Product Manufacturing

About the position

We are seeking a talented Cyber Security Engineer with specialized expertise in administering a large-scale Splunk environment. This role will be pivotal in enhancing our cyber security posture through the design, testing, and implementation of custom security detections. The ideal candidate will have hands-on experience with Splunk Enterprise Security (ES) and a strong understanding of alerting and investigating threats using Splunk.

In this position, you will manage and administer a large Splunk deployment, ensuring its scalability, reliability, and performance. You will design, develop, test, and implement custom Splunk queries, alerts, and dashboards tailored to detect and respond to security threats. Utilizing Splunk ES, you will enhance threat detection capabilities, including correlation searches, notable event aggregation, and incident response workflows. You will also implement risk-based alerting strategies to prioritize and respond to security incidents effectively.

Collaboration is key in this role, as you will work closely with cross-functional teams including SOC analysts, engineers, and system administrators to integrate security monitoring solutions effectively. You will maintain comprehensive documentation of Splunk configurations, workflows, and security detections, and generate regular reports on security metrics, incidents, and improvements. Additionally, you will monitor and analyze networks and systems using Splunk ES to identify threats and vulnerabilities, review security logs, and provide technical guidance to teams and stakeholders around the SIEM. Your responsibilities will also include analyzing threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and OSINT, maintaining and enhancing operational runbooks, and establishing good working relationships with all IT, Cybersecurity, third-party, service consumer, and business stakeholders.

You will help monitor and enforce compliance with the organization's security policies and standards among employees, contractors, and third parties. Regular and predictable attendance at assigned times is required, along with other duties as assigned.

Responsibilities

  • Manage and administer a large Splunk deployment, ensuring its scalability, reliability, and performance.
  • Design, develop, test, and implement custom Splunk queries, alerts, and dashboards tailored to detect and respond to security threats.
  • Utilize Splunk ES to enhance threat detection capabilities, including correlation searches, notable event aggregation, and incident response workflows.
  • Implement risk-based alerting strategies to prioritize and respond to security incidents effectively.
  • Work closely with cross-functional teams including SOC analysts, engineers, and system administrators to integrate security monitoring solutions effectively.
  • Maintain comprehensive documentation of Splunk configurations, workflows, and security detections.
  • Generate regular reports on security metrics, incidents, and improvements.
  • Monitor and analyze networks and systems using Splunk ES to identify threats and vulnerabilities.
  • Review security logs to identify and address potential risks.
  • Provide technical guidance and expertise to teams and stakeholders around the SIEM.
  • Analyze threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and OSINT.
  • Maintain and enhance operational runbooks.
  • Learn cross-functional skills to participate in the management and monitoring of other Security applications and tools.
  • Establish and maintain good working relationships with all IT, Cybersecurity, third-party, service consumer, and business stakeholders.
  • Help monitor and enforce compliance with the organization’s security policies and standards among employees, contractors, and third parties.
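As an added illustration of what the "risk-based alerting" responsibility above means in practice (example code written for this page, not code from CRH or from Splunk): in Splunk ES, correlation searches do not each raise a notable; they write risk events (a score plus a MITRE ATT&CK annotation) against a user or host, and a separate risk incident rule raises one notable per entity when the aggregate over a look-back window crosses a threshold. The thresholds, window and sample risk events below are assumptions chosen for the example; the SPL in the docstring is an approximation of the risk incident rule shape and is shown only for orientation.

```python
"""Risk-based alerting (RBA) aggregation, illustrated over constructed risk events.

Rough shape of the equivalent Splunk ES risk incident rule (approximation):
  | tstats sum(All_Risk.calculated_risk_score) as risk_score
        dc(All_Risk.annotations.mitre_attack.mitre_tactic) as tactic_count
        from datamodel=Risk.All_Risk where earliest=-24h
        by All_Risk.risk_object All_Risk.risk_object_type
  | where risk_score >= 100 OR tactic_count >= 3
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed thresholds (tune per environment; ES ships similar defaults).
RISK_SCORE_THRESHOLD = 100     # aggregate risk score over the window
TACTIC_COUNT_THRESHOLD = 3     # distinct ATT&CK tactics over the window
WINDOW = timedelta(hours=24)


@dataclass(frozen=True)
class RiskEvent:
    """One row a correlation search would write to the risk index."""
    time: datetime
    risk_object: str         # user or host the search attributed the activity to
    risk_object_type: str    # "user" or "system"
    risk_score: int
    tactic: str              # annotations.mitre_attack tactic
    technique: str
    risk_message: str


@dataclass
class Notable:
    risk_object: str
    risk_object_type: str
    total_score: int
    tactics: frozenset
    contributing: list       # RiskEvents, oldest first, for the analyst's timeline
    triggers: list           # human-readable reasons the rule fired


def evaluate(events, now, window=WINDOW,
             score_threshold=RISK_SCORE_THRESHOLD,
             tactic_threshold=TACTIC_COUNT_THRESHOLD):
    """Return one Notable per entity that breaches either threshold in the window,
    highest-priority first. Entities below both thresholds produce nothing."""
    cutoff = now - window
    by_object = defaultdict(list)
    for ev in events:
        if cutoff <= ev.time <= now:            # events outside the window do not count
            by_object[(ev.risk_object, ev.risk_object_type)].append(ev)

    notables = []
    for (obj, obj_type), evs in by_object.items():
        total = sum(e.risk_score for e in evs)
        tactics = frozenset(e.tactic for e in evs)
        triggers = []
        if total >= score_threshold:
            triggers.append(f"risk score {total} >= {score_threshold}")
        if len(tactics) >= tactic_threshold:
            triggers.append(f"{len(tactics)} distinct ATT&CK tactics >= {tactic_threshold}")
        if triggers:
            notables.append(Notable(obj, obj_type, total, tactics,
                                    sorted(evs, key=lambda e: e.time), triggers))
    # Prioritise: highest score first, then broadest tactic coverage.
    notables.sort(key=lambda n: (-n.total_score, -len(n.tactics), n.risk_object))
    return notables


# Constructed sample data (assumption, not real telemetry).
NOW = datetime(2024, 6, 1, 12, 0, 0)
SAMPLE_EVENTS = [
    # ws-42: three low-score detections, but three different tactics -> fires on tactic count
    RiskEvent(NOW - timedelta(hours=3), "ws-42", "system", 20, "Discovery", "T1087", "net user /domain enumeration"),
    RiskEvent(NOW - timedelta(hours=2), "ws-42", "system", 20, "Credential Access", "T1003", "LSASS handle opened by non-system process"),
    RiskEvent(NOW - timedelta(hours=1), "ws-42", "system", 20, "Lateral Movement", "T1021.002", "Admin share logon to another host"),
    # alice: a single high-confidence detection -> fires on score
    RiskEvent(NOW - timedelta(minutes=30), "alice", "user", 120, "Initial Access", "T1078", "Impossible-travel login"),
    # bob: repeated noise from one tactic, low total -> no notable
    RiskEvent(NOW - timedelta(hours=5), "bob", "user", 20, "Discovery", "T1087", "Account enumeration"),
    RiskEvent(NOW - timedelta(hours=4), "bob", "user", 20, "Discovery", "T1069", "Group enumeration"),
    # srv-old: high score but 30 hours old -> outside the window, no notable
    RiskEvent(NOW - timedelta(hours=30), "srv-old", "system", 150, "Execution", "T1059.001", "Encoded PowerShell"),
]

if __name__ == "__main__":
    for n in evaluate(SAMPLE_EVENTS, NOW):
        print(f"{n.risk_object_type}={n.risk_object} score={n.total_score} "
              f"tactics={sorted(n.tactics)} because {'; '.join(n.triggers)}")
```

The point of the second trigger is that three cheap, individually noisy detections on one host (discovery, then credential access, then lateral movement) outrank a pile of repeated discovery hits on another user, which is the prioritisation that a flat one-alert-per-search model cannot express.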

Requirements

  • Bachelor's degree in a computer-related discipline, or equivalent relevant experience.
  • Minimum of 5 years of experience in cyber security roles.
  • Splunk certifications required.
  • Security certifications desired.
  • Expertise in administering Splunk in a large enterprise environment.
  • Proficiency in Splunk Search Processing Language (SPL) and creating complex queries.
  • Hands-on experience with Splunk Enterprise Security (ES) and its various modules.
  • Knowledge of risk-based alerting methodologies and threat intelligence integration.
  • Familiarity with scripting languages such as Python or PowerShell for automation.
  • Experience developing custom Splunk content including scheduled searches, reports, dashboards.
  • Proficient in data onboarding, including writing custom parsing rules and building custom Technology Add-ons that map data to Splunk's Common Information Model (CIM).
  • Experience configuring indexes, index routing, retention policies, etc.
  • Experience working in Linux and Windows environments desired.
  • Familiarity with different types of log data such as firewall logs, cloud app logs, Windows event codes, etc.
  • Experience in security investigations using Splunk or other SIEM.
  • Familiarity with MITRE ATT&CK Framework.
  • Familiarity with security standards such as NIST.
  • Experience using regular expressions (regex).

Nice-to-haves

  • Detail oriented.
  • Ability to work on cross-functional teams.
  • Ability to communicate professionally, both verbally and in writing, as well as deliver effective presentations to groups.
  • Ability to work with all levels of the organization: Executives to Clerks.
  • Self-motivated, proactive, and creative, with effective application of logic, reasoning, problem solving.
  • Demonstrates strong leadership qualities that can be used to guide a project.
  • Ability to organize and prioritize work, and to deliver against fixed deadlines.

Benefits

  • Highly competitive base pay
  • Comprehensive medical, dental and disability benefits programs
  • Group retirement savings program
  • Health and wellness programs
  • A diverse and inclusive culture that values opportunity for growth, development, and internal promotion
© 2024 Teal Labs, Inc