Cybersecurity – Incident Monitoring & Response (Splunk)
Position title
Cybersecurity – Incident Monitoring & Response (Splunk)
Description
As a successful company on a path to global growth, Priamba Soft offers challenging responsibilities and exciting career opportunities to performance-driven, skilled specialists with solid professional knowledge and proven career expertise who wish to contribute to our company’s success.
Requirements
A leading utility provider located in Brooklyn, NY is looking for a Cybersecurity – Incident Monitoring & Response specialist for a 12+ month contract.
- Specific knowledge of Asset Monitoring implementation (using SolarWinds and SPLUNK), configuration, and alert correlation rule set creation
- Ability to multitask and switch priorities, as warranted
- Proven ability to understand and analyze issues, then apply knowledge, experience, and judgment to develop sound recommendations, especially as related to current threat/attack vectors and/or vulnerability management using key tool deployments
- Strong research and writing skills
- Notifies management promptly when deadlines are at risk
- Must be able to develop assignment associated documentation that will be consumed by users of diverse backgrounds and skills
- Ability to communicate concisely, effectively, and directly to management
- Ability to work with and across teams
Responsibilities
- This role involves driving the creation of new SIEM (Security Information and Event Management) content, including security event correlation rules, trends, dashboards, and reports, as well as leading the maintenance and optimization of current content and event flow, as required by the agency’s Control Center CyberSecurity program
- The role also requires driving the configuration of various asset monitoring tools that will be source data feeds for SIEM ingestion
- The ideal candidate has experience in the information security and/or information technology fields
- The candidate will perform security related functions using current tools, and will need to be proficient with the various tools to ensure effective and valid results
- The candidate has excellent technical background across a wide range of security disciplines and solutions
- The candidate must have excellent presentation, report writing and business interface skills
- The candidate is a self-starter and willing to drive assignments
- The candidate will be able to analyze and assess security risk and facilitate the development and implementation of effective compensating controls
- This candidate will function within the Control Center CyberSecurity Team, but will ideally be effective across the entire security spectrum, and able to analyze complex security issues and explain them in standard business language
- Functional knowledge of both technical and business aspects of security monitoring and alerting is required
- Lead deployment and/or enhancements of new SIEM (SPLUNK) and Asset Monitoring (SolarWinds) tools and configurations
- Implement custom alerts and reports based on monitored assets, asset logs, and associated correlation profiles
- Research and provide recommendations to management on technical decisions associated with SIEM and Asset Monitoring implementation and enhancements
- Candidate will interface with various agency IT groups to develop requirements and apply best practices that optimize deployment and utilization of tools
- Candidate must have a valid driver’s license, be willing to occasionally travel within NYC and Westchester, NY, and be available to troubleshoot issues associated with deployments
Qualifications
- Bachelor’s degree in Computer Science/Engineering or equivalent work experience
- 5-7+ years of information security, incident response, and/or information technology experience
- Strong understanding of cybersecurity, incident monitoring and response, and networking concepts