Senior Cybersecurity Administrator (SIEM)

In this role, you will:

• User access management, including provisioning of user accounts and data access segregation based on requirements.
• Work with SIEM end users to gather requirements, perform troubleshooting, and aid with the creation of search queries, rulesets, and dashboards.
• Onboarding new data sources into the SIEM, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
• Manages large data sets including creating and organizing indexes, setting data retention, and managing access.
• Monitor and troubleshoot silent data sources or system health issues within the SIEM.
• Oversees, applies, and advises on the implementation of patches, firmware upgrades, configuration changes, and security updates to systems, servers, and software applications for SIEM components.
• Develop and maintain solution design, procedural, and architectural documentation for the SIEM.
• Handle day-to-day SIEM implementation, monitoring and operational support of hardware, software, applications, managed solutions, and service provider relationships.
• Work in tandem with architects, the security operations center (SOC), incident responders, and information technology infrastructure and development team members.
• Collaborate with vendors for procurement and support.
• Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
• Performs other duties as assigned.

Your background:

• Bachelor’s degree in information technology, Information Security/Assurance, Computer Science, Engineering, or related field or equivalent combination of education and experience.
• Experience administering and managing SIEM technologies.
• Experience creating Dashboards, Rulesets, and Analytics within SIEM tools.
• Experience demonstrating strong analytical, troubleshooting, and problem-solving skills for security information and event management.
• Experience in working with and maintaining both Linux and Windows operating systems.
• Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
• The ability to troubleshoot issues with log feeds, search time, data solutions, and field extractions.
• Solid communication skills with a customer service mindset when interfacing with internal and external users.
• Ability to work independently and prioritize tasks in a fast-paced, dynamic environment.

Additionally it would be beneficial if you have:

• Experience with enterprise-scale operations and maintenance for SIEM technologies.
• Experience with Cribl Stream and/or Cribl Edge or similar data engine technologies.
• Experience with Elastic Cloud and/or Logz.io SIEM tools.
• Exposure to Agile/SAFE methodologies

If this sounds like you and fits your experience and career goals, we’d be happy to chat.   
What we offer in return is the opportunity to experience a great company culture with wonderful colleagues to learn from and collaborate with and also to enjoy:  

• Medical, dental, vision, life & disability, and financial benefits (including 401(k) retirement savings plan. Tuition Reimbursement program. Additional voluntary benefits including crucial illness/hospital indemnity, identity theft protection, auto & home insurance, legal, and pet insurance. 
• Competitive salary, bonus, and best-in-class Employee Stock Purchase Program (ESPP) with a 27-month lookback
• Flexible paid vacation time, paid day off for your birthday, and company holidays. A variety of leave plans, including Parental Leave.
• Employee Assistance Program (EAP) and an employee well-being program focusing on physical, mental, and financial health.