Ampcus inc

Security Engineer

Ampcus inc$90K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years of SIEM deployment and integration experience at enterprise levels.
  • Proficient in creating correlation and detection rules for alerting capabilities.
  • Strong communication skills, with fluency in English; additional languages are a plus.
  • Experience with diverse SIEM technologies like Splunk and IBM QRadar.
  • Expertise in Regular Expressions and log analysis from various sources.
  • Relevant bachelor's degree or industry recognized certifications (CISSP, GIAC, SIEM Vendor Qualification).

Responsibilities

  • Develop log ingestion strategies with the technical lead.
  • Contribute to industry best practice detection strategies.
  • Detail procedures for high-quality log source ingestion.
  • Monitor and optimize log sources continuously.
  • Create and tune correlation rules for log sources.
  • Act as a subject matter expert in SIEM and log source ingestion.
  • Identify automation opportunities to enhance alert handling.

Benefits

  • Travel opportunities to customer meetings and workshops (up to 10%).
  • Access to professional development and training workshops.
Full Job Description
Job Title: Security Engineer

Location(s): Tustin, CA

Job Description:
As a SIEM Engineer for Cortex XSIAM, you will be responsible for assisting with the log migration and detection strategy of our customers. You will work closely with the technical lead to ensure that all of the relevant log sources are on boarded and ingested into XSIAM in accordance with industry best practices and customer requirements. You will then work to determine a suitable detection strategy, helping to protect customers from threats, by designing and implementing correlation rules.

Your Impact
  • Work with technical lead to develop log ingestion strategy
  • Contribute to detection strategy based on industry best practices
  • Detail step by step process to ingest high quality log sources
  • Perform log source monitoring and optimization
  • Create high quality correlation rules
  • Tune log sources and correlation rules
  • Be an SME for SIEM, Correlation and Log Source Ingestion
  • Recognize opportunities where automation can improve analyst alert handling
  • Collaborate with internal and external teams to ensure product adoption
  • Create technical documentation detailing SIEM aspects of the engagement
  • Travel to customer meetings and workshops as needed (10%)

Your Experience
  • Strong communication (written and verbal) and presentation skills, both internally and externally
  • Fluent English is a requirement - Any other language is a plus
  • 6+ years of deploying and integrating (SIEM) to enterprise to large enterprise-level
  • Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms
  • The ability to create and develop correlation and detection rules, within a (SIEM) to support alerting capabilities
  • Experience working with and deploying a variety of SIEM technologies (i.e Splunk, IBM QRadar)
  • A proven ability to offer suggestions on detection strategy based on customer requirements
  • Strong Regular Expression skills
  • Ability to understand logs, locating and understanding 3rd party documentation where needed
  • Familiarity with reports on the status of the SIEM to include metrics on items such as number of logging sources - log collection rate, and other performance metrics
  • Knowledge of Security Analysis & Response a plus, including both endpoint, network & cloud based environments
  • 4 years' experience with Security Operation Centers tooling and processes
  • Relevant bachelor's degree or industry recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification etc)
  • Ability to read and understand technical design documentation

Similar Jobs

More Jobs at Ampcus inc

More Information Technology Jobs

Find similar Security Engineer jobs: