SAIC is seeking a Senior Cloud Security Engineer to perform Cloud Security Engineering and Administration duties for our team providing Cybersecurity services for a major state & local government customer located in Texas.
This position reports to our Cybersecurity Operations Director and is a member of the 24x7x365 security operations (SecOps) team.
This specialist will have two primary categories of responsibilities: 1.)
Being a technical leader in Azure Portal, Sentinel SIEM engineering, and associated tasks, and 2.)
Supporting the incident response function.
During your tenure, you will take ownership of the technical aspects of running and maintaining a SIEM, such as getting data in, authoring and tuning correlation rules, developing and maintaining PowerBI dashboards and reports, ensuring endpoints that are expected to send their logs are actually doing so, and other similar activities.
You will also provide consultative advice and recommendations in support of these tasks, as well as coach, guide, and mentor less experienced cloud security specialists.
Your backup/supporting responsibility will be incident response, including how to prepare, detect, respond/contain, mitigate/eradicate, report on, recover from, remediate, and learn from cybersecurity events and incidents in the enterprise.
This includes authoring, modifying, and maintaining our internal SOC playbook and associated procedures, as well as have rotating on-call responsibilities.This position is 100% remote.Primary job responsibilities include: Azure Portal Engineering and Administration: User administrationLicense administrationVM administrationVirtual network administrationSentinel SIEM Engineering and Administration: Analytics rule development, administration, troubleshooting, supportSyslog and Logstash troubleshooting, support, and administrationNXLOG and Microsoft agent support and troubleshootingManage multiple Azure resources in support of the SIEM, such as storage blobs, key vaults, containers, etc.Azure and Sentinel related project support: PowerBI Dashboard creation for disparate customersServer migrations to incorporate high-availabilityOther future project workAutomation and interconnectivity: Utilize knowledge, skills, and abilities to automate a variety of tasks as it relates to threat intelligence, incident detection/response, EnCase anomaly and IOC scanning, and other activities.Develop and maintain Azure Logic Apps to perform data acquisition, transformation, storage, and/or transmissionConfigure and maintain API connectivity and integrations with supporting tools such as ServiceNow, and security toolsDevelop and maintain Azure data factory pipelinesProvide Support for Incident Detection and Response: Configure, monitor, and manage EnCase anomaly and IOC scansPerform Sentinel log searches in support of incident detection and response activitiesProvide coaching and guidance for more junior SOC personnelQualifications Required:Bachelor's degree in a relevant field of study (e.g.
Cybersecurity, Information Systems, Computer Science, or other relevant business or IT field), plus a minimum of five (5) years' relevant experience.Must be a U.S. Citizen on U.S. soil, and able to pass an annual CJIS background check.Demonstrated experience with Microsoft Sentinel, Log Analytics, and other similar and supporting technologies; Current Microsoft Azure and/or security-related certification holders will be given strong preference.Excellent and demonstrated oral and written communication skills, including confident and concise oral communications used in leading Security Incident Response Team (SIRT) calls.Demonstrated experience with syslog-based logging server-side configurations and Azure portal administration and engineering.Obtain the Cybersecurity First Responder certification within 180 days of first day of employment.Preferred:Experience with ITIL, ITIL Foundation or higher certification.Unix/Linux and/or Windows System Administration.Familiarity with syslog-based logging client-side configurations.Experience with EnCase Digital Forensics/Investigator and Endpoint Security solutions; Current EnCE certification holders will be given preference.ISC2, SANS/GIAC, and other industry-recognized cybersecurity certification(s) will be given preference.Experience and familiarity with Cyber Threat Intelligence (CTI) programs, including indicators of attack, compromise, etc., and associated actions taken to detect and block relevant indicators.What we will provide: On-the-job training of the customer operating environment and service provider tools.A strong teamwork-based environment that enables close collaboration and support of each other.A flexible approach to work schedule.Reimbursement for selected and manager-pre-approved technical training and certification.What we expect from you: Passion, personality, and persistence – you will provide the drive to learn and grow, while we provide the technical knowledge, and enable reimbursement of costs associated with passing exam fees, course study materials, and other costs based on leadership approval prior to the cost being incurred.You must be able to provide on-call coverage on both a planned rotation and ad-hoc when issues arise, particularly after training is complete.Continual learning – you must be willing to continue to learn and grow through acquisition and application of additional coursework toward a new degree program and/or certifications.
SAIC will provide reimbursement for a portion of, or the entirety of the costs associated with these approved on a case-by-case basis, based on leadership approval prior to the cost being incurred.Target salary range: $80,001 - $120,000.
The estimate displayed represents the typical salary range for this position based on experience and other factors.SAIC accepts applications on an ongoing basis and there is no deadline.Covid Policy: SAIC does not require COVID-19 vaccinations or boosters.
Customer site vaccination requirements must be followed when work is performed at a customer site.Overview SAIC is a premier Fortune 500 technology integrator focused on advancing the power of technology and innovation to serve and protect our world.
Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services.
We integrate emerging technology, rapidly and securely, into mission-critical operations that modernize and enable critical national imperatives.We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities.
SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity and inclusion, which is core to our values and important to attract and retain exceptional talent.
Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion.
For more information, visit saic.com.
For ongoing news, please visit our newsroom.Please apply through the internal career site here >#J-18808-Ljbffr
Empresa admite Auxiliar de Assistência Técnica em Joinville (Zona Industrial Norte). Auxiliar nos serviços de instalação, manutenção, assistência técnica el...
Empresa Do Setor Privado - Santa Catarina
Publicado 8 days ago
Distribuidora de Produtos de Segurança Eletrônica e Telecomunicação admite Técnico em Eletrônica em Itajaí (Ressacada). Atender clientes internos e externos...
Digital Sat - Santa Catarina
Publicado 8 days ago
Descrição da oferta: Empresa admite Desenvolvedor Salesforce em Criciúma. Principais Responsabilidades: Criar software limpo e escalável no Salesforce. Faz...
Empresa Do Setor Privado - Santa Catarina
Publicado 8 days ago
Descrição da oferta: Empresa de Tecnologia admite Administrador Tableau em Joinville. Principais Responsabilidades: Efetuar atualizações de servidores e re...
Empresa De Tecnologia - Santa Catarina
Publicado 8 days ago
Built at: 2024-12-24T10:19:17.281Z