Content Developer

ReliaQuest

Las Vegas, NV

Industry: Technology

Posted 62 days ago

This job is no longer available.

ReliaQuest is currently seeking an intermediate-level cybersecurity specialist to begin immediately in a SIEM Content Developer role. The Threat Management Team at ReliaQuest combines all of the intelligence sources in a network into a single pane of glass in order to provide complete threat detection capability. Content Developers analyze the signatures cyber attackers leave behind throughout a network and develop SIEM rules to detect future intrusions.

 

Responsibilities:

  • Research and deconstruct cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs  
  • Create abstract rules to detect network intrusions based on IOCs 
  • Conduct open-ended analysis of large data sets in order to find network activity baselines as well as abnormalities
  • Implement SIEM rules across variable environments in ArcSight, QRadar, LogRhythm, McAfee ESM, Splunk, and AlienVault
  • Test rules in a lab environment using penetration testing tools  
  • Clearly and effectively document your work to inform multiple audiences of how to use your work 

 

Qualifications:

  • Understanding of all major categories of network security devices to include SIEM, IDS/IPS, firewalls, proxies, web filters, email filters, web application firewalls, endpoint anti-virus, etc.
  • Understanding of Windows Security Event logs and Syslog
  • Understanding of how to conduct investigations and create rules in at least 1 SIEM 
  • Understanding of cyber kill chains and campaign strategies
  • Collegiate-level writing ability
  • Strong ability to develop regular expressions  
  • Scripting and programming experience are not required, but highly desirable.

#1206-MH1619