SIEM Consultant in Columbus, GA at HUNTER Technical Resources

Date Posted: 2/10/2021

Job Description

SIEM Consultant

  • Develop correlation rules and playbooks within the Splunk, UBA, and Phantom SOAR platforms to meet the overall objectives.
  • Develop SIEM, UBA, and orchestration automation to process events for threat identification and alert generation in a shared environment.
  • In conjunction with Threat Hunting and Threat Intelligence teams, analyze the signatures cyber attackers leave behind throughout a network and develop SIEM rules to detect future intrusions.
  • Conduct open-ended analysis of large data sets in order to establish network activity baselines as well as identify abnormalities.
  • Research and deconstruct cyber-attacks into sequenced Indicators of Compromise (IOCs) detectable through network device logs.
  • Conduct research in security principles, host- and network-based security technologies, machine learning algorithms, and attack and mitigation methods.
  • Test rules in a lab environment using penetration testing tools.
  • Clearly and effectively document your work so that multiple audiences understand how to use it.
  • Develop and mature strategic enterprise logging policies to conform to financial sector compliance requirements.
  • Work directly with affiliates and internal business partners to gather initial monitoring requirements for integration into security monitoring platforms.
  • Work on multiple projects concurrently, monitor the status of integration tasks, and escalate issues when appropriate.
  • Identify gaps in mitigation efforts and assess compliance areas.