Job Overview
Company
Ensign InfoSecurity
Category
Computer Occupations
Job Description
Ensign is hiring!
Key Responsibilities
Perform implementation, maintenance, support and operation of the project's security monitoring use cases.
Maintain understanding of the architecture and work with the security team to understand the use cases to be created.
Identify, evaluate and recommend new areas of improvement for the implementation.
Adhere to the established change management process and other service management processes in day-to-day tasks.
Create, fine-tune and maintain SIEM data sources, use cases, correlation rules and security alert classifications.
Review, propose and generate dashboards and reports to automate monitoring of systems and of log and threat intelligence feed ingestion, and to reduce low-value event escalations.
Build rules and intelligence to detect threats in all monitored assets.
Implement and devise detection methods for such threats in our security operations through SIEM use cases, etc.
Perform periodic analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available.
Review and update data enrichment, including use of threat intelligence to enhance fidelity of detection.
Review and maintain UEBA data sources and use cases.
Requirements
At least 3 years of experience in security operations in a SOC environment.
At least 2 years of experience in creating, fine-tuning and maintaining correlation rules and SIEM dashboards.
Working experience in Regex and/or scripting.
Strong critical thinking / contextual analysis abilities.
Strong investigative and analytical problem-solving skills.
Stakeholder management.
Meticulous, with an eye for detail.
Product certification such as Splunk Enterprise Certified Administrator or equivalent.
Professional certification such as SANS (such as SANS GCDA, GCIA, GDSA, GMON) would be an advantage.
Good understanding of the whole-of-government environment would be an advantage.
Ensign InfoSecurity is actively hiring for this Correlation & Automation Lead position