TEKsystems - Chicago, IL

posted 4 months ago

Full-time - Mid Level
Chicago, IL
10,001+ employees
Professional, Scientific, and Technical Services

About the position

Our banking client is looking for an experienced Senior Cloud SIEM Engineer to join its Cyber Security Operations team. The ideal candidate must have deep knowledge of security controls, tools, features, and operations for AWS / Azure, and should be able to demonstrate relevant experience implementing and enhancing detective capabilities in a fully managed AWS / Azure environment. This role will help build a detection engineering process and culture for a SIEM platform covering on-prem and multi-cloud environments, while serving as the technical subject matter expert for the AWS / Azure environment. The engineer will partner with teams across the security organization to design, develop, tune, and maintain detection content that protects the client and supports its information security policies and procedures. The candidate should be intellectually curious about technology and the evolving threat landscape.

Responsibilities

  • Build a detection engineering process and culture for a SIEM platform covering on-prem and multi-cloud environments.
  • Partner with teams across the security organization to design, develop, tune, and maintain detection content.
  • Implement and enhance detective capabilities in a fully managed AWS / Azure environment.
  • Review applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
  • Independently assess risks and identify vulnerabilities in infrastructure.
  • Suggest new processes, policies, and overall improvements to internal security controls.

Requirements

  • 8+ years of relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.
  • Experience writing and tuning detections.
  • Experience with SIEM tools.
  • Experience designing and implementing technical solutions that enhance visibility and alerting capabilities and reduce risk within AWS.
  • Experience with a range of AWS and Azure native security services and tools (e.g. Amazon GuardDuty, AWS Security Hub, Microsoft Defender for Cloud, Microsoft Sentinel).
  • Understanding of threat frameworks, such as the MITRE ATT&CK Cloud matrix and MITRE D3FEND.
  • Understanding of Risk Management principles.
  • Experience in building, configuring, operating and/or securing cloud infrastructure and applications in AWS / Azure.
  • Familiarity with common Information Security and data protection frameworks and standards (e.g. CIS, NIST, HIPAA, GDPR, PCI DSS, ISO 27001).
  • Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
  • Excellent verbal and written communication skills.

Nice-to-haves

  • CCSP or CCSK certification
  • CISSP, CISM, or CompTIA Security+ certification
  • Highly organized and motivated self-starter who can deliver results with minimal direction.