Siem Engineer Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the siem engineer job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

R Russel

Ralph

Russel

70038 Rippin Gateway

Dallas

+1 (555) 716 8974

70038 Rippin Gateway

Dallas

Phone

p +1 (555) 716 8974

Experience Experience

Dallas, TX

Siem Engineer

Dallas, TX

Monahan, Smitham and Boyer

Dallas, TX

Siem Engineer

Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using the ArcSight ESM and Splunk platforms
Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, and operating systems)
Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms
Support day to day event parsing and repairing of events that have missing or incorrect information, create log source extensions, and flow management
Performs all administration, management, configuration, testing, and integration tasks related to the Splunk, BigData/Hadoop, ArcSight ESM and associated platforms to include content creation, maintenance, and administration tasks
Creates and develops correlation and detection rules, utilizing Regex, within Splunk ES to support alerting capabilities within the Threat Management Center
Creation of technically detailed reports on the status of the SIEM to include metrics on items such as number of logging sources; log collection rate, and server performance

New York, NY

Senior Siem Engineer

New York, NY

Kuvalis-D'Amore

New York, NY

Senior Siem Engineer

Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies
Assist with client transition and onboarding serve as primary point of contact for Managed Security Service clients
Develops internal training methods to support Managed Services and their clients
Perform capacity planning and management tasks on a regular basis
Perform SIEM product support and implementation
Act as a point of escalation for other Engineers (Associate SIEM Engineer & SIEM Engineer) and provide guidance and mentoring
Act as the point of escalation for other Engineers (Associate Engineer, Security Engineer, & Senior Engineer) and provide guidance and mentoring

present

Boston, MA

Principal Siem Engineer

Boston, MA

Lakin, Upton and Gorczany

present

Boston, MA

Principal Siem Engineer

present

Assist with designing and documenting work processes within the SOC
Perform technical account management duties for specific top-tier, strategic clients
Manage SIEM user accounts (create, delete, modify, etc.)
Create client-specific Watch Lists if necessary
Attend vendor-specific meetings and conferences for business and professional development
Create innovative solutions to automate and reduce timeframes for operational changes as well as initial installation of the platform
Manage appliance or virtual appliance OS and SIEM software

Education Education

Bachelor’s Degree in Computer Science

University of Massachusetts Amherst

Bachelor’s Degree in Computer Science

Skills Skills

People skills, and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details
Able to create high quality Security Analysis reports pertaining to event data
Knowledge and demonstrable experience of Security Information Event Management systems (Sentinel, Intel, QRadar, RSA, Splunk)
Knowledge of Security terminologies
Penetration testing, Vulnerability management
Strong IBM Qradar, Juniper STRM or HP ArcSight skills
Good interpersonal skills
Strong understanding of security postures/policies
Understanding of Security principals: Confidentiality, Integrity and Availability
Good analytical skills

Create a Resume in Minutes

15 Siem Engineer resume templates

Read our complete resume writing guides

Siem Engineer Resume Examples & Samples

2 years working experience with a major vendor SIEM product (Qradar, STRM, ArcSight, McAfee, Splunk, LogRhythm, EMC RSA) either as a SOC analyst or as a SIEM Admin
3 years working in IT security role of any kind
Solid foundation in networking (TCP/IP and OSI layers, network routing & switching protocols)
At least 3 years support experience with at least 2 of the following
At least 2 years SIEM administration experience in an enterprise environment
Strong IBM Qradar, Juniper STRM or HP ArcSight skills
Knowledge and understanding of one or more of the following concepts and technologies is a plus: SIEM, Proxies, Firewall, Content Filtering, Vulnerability Scanning, Email, IAM and Web Security
Strong understanding of security postures/policies
Knowledge of Security terminologies
Linux and or Unix administration skills
Experience automating tasks using Python
Strong IT configuration and policy management experience on any platform
Able to create high quality Security Analysis reports pertaining to event data
High degree of analytical ability and creativity
Demonstrated ability to work under pressure
English: Fluent

Senior Siem Engineer Resume Examples & Samples

Provide SME level technical and strategic direction to the SIEM team
Design, build and deliver training to the SIEM team and SOC on the SIEM product(s) which you are an SME for
Own and complete all highly complex workloads in the team
Design, document and implement process and procedures for SIEM team and SOC
Perform SIEM product support and implementation
Configure SIEM systems based on security best practices and client requirements
Monitor and maintain overall system health of supported SIEM systems
Liaise with technical teams to ensure the SIEM is functioning as required to IBM and customer requirements
Assist in end to end fault determination, troubleshooting or escalation of security infrastructure, working with other security personnel as required
Perform capacity planning and management tasks on a regular basis
Accurately record all required data in incident / problem management systems
Perform user administration tasks and checks in the SIEM systems
Complete security compliance and assurance tasks against the SIEM systems
QA SIEM requirements proposed by Project, Architects and customers and provide guidance for best practice
Identify and design new use cases that address our customer’s needs
Evaluate, modify and tune the SIEM rules to adjust the specifications of alerts and incidents
Evaluate existing SIEM content and use cases and adapt them to meet our customer’s goals
Develop and test new SIEM content
Design, set up and produce required reporting out of the SIEM
Assist customers to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources
Have high awareness of customer service levels when dealing with problems to ensure all SLA’s are met
Cross train the 24 x 7 SOC on SIEM usage with objective to lead to advanced tuning, security event monitoring and detection
Develop end to end monitoring processes

Siem Engineer Resume Examples & Samples

Act as the subject matter expert for the customer’s SIEM solution
Maintain SIEM operations and document current environment
Work with external teams to ensure all necessary logging sources are reporting to the SIEM
Creation of technically detailed reports on the status of the SIEM to include metrics on items such as number of logging sources; log collection rate, and server performance
DOD 8570 Compliance, or the ability to quickly obtain the security certifications: Security+, and CEH
Minimum of three (3) years managing/utilizing a SIEM solution
Experience in performing infrastructure support at an enterprise level
Ability to demonstrate strong knowledge of computer security concepts
Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault, etc
Vendor certification in a SIEM technology

Siem Engineer Resume Examples & Samples

Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using the ArcSight ESM and Splunk platforms
Integration and normalization of disparate asset information into a centralized asset model
Overall responsibility for being the subject matter expert on ArcSight ESM and Splunk software for the customer
Use of ArcSight ESM and Splunk in the daily operational work and workflow of the end customer
Advising SOC Manager on best practices and use cases on how to use ArcSight and Splunk to achieve end state requirements
Custom development of Connectors (Agents) using ArcSight FlexConnector
Meet with business users to gather requirements and make recommendations for meeting customer requirements within the SIEM and Log Management solution
Analyzing new technologies and making security recommendations based on business objectives
Implementation of security controls and best practices including ISO 27001/27002, NIST CSF and SP800-53
BSc of Computer Science, Engineering, or Mathematics preferred
Work with systems owners to establish how best to leverage ArcSight ESM and Splunk (and associated products) to meet the strategic goals by defining Use Cases Technical administration of the ArcSight ESM, Splunk, and Connector software platform
Ability to modify configuration files (under the covers, not exposed at Console level)
Distributed Multi-Manager architecture and deployment
Troubleshoot and configure networking devices, various platforms and databases
Integration with 3rd party systems including configuration management, network management, vulnerability scanners and trouble ticketing applications
Upgrade and patch all components of the ArcSight and Splunk platforms
Project Management, Customer Service and Technical Writing duties
3+ years security engineering experience in mid-sized to large organizations, with emphasis on security operations, incident management, intrusion detection, firewall deployment and security event analysis
3+ years with SIEM and Log Management technologies specific to Splunk and/or ArcSight
Experience with 3-5 of the following security technologies including

Siem Engineer Resume Examples & Samples

Performs all administration, management, configuration, testing, and integration tasks related to the Splunk, BigData/Hadoop, ArcSight ESM and associated platforms to include content creation, maintenance, and administration tasks
Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, and operating systems)
Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms
7+ years in security logging and monitoring engineering
5+ years hands on experience in engineering and supporting large scale Splunk or similar event logging solutions for large corporations is preferred
5+ years of multiple security platform administration or engineering within large-scale or global enterprises combined
3+ years of experience within an engineering role designing or implementing complex BIG Data / hadoop and large data management solutions
2+ year experience in Hadoop/BigData technology configuration and management is preferred
Understanding of Network Firewalls, Load-balancers, and complex network designs
Good understanding of Unix/Linux and Windows operating systems
Hands on experience with database engineering and support
Good command on Python, Perl, SQL, Regex and Shell scripting is required
Experience installing and maintaining Syslog-NG, windows Snare and MSCOM is preferred

Siem Engineer Resume Examples & Samples

Knowledge and demonstrable experience of Security Information Event Management systems (Sentinel, Intel, QRadar, RSA, Splunk)
Experience in Linux administration and networking troubleshooting
Experience in programming in Python, Java, bash or other languages
Understanding of security monitoring and identification concepts
Understanding of ITIL processes
Understanding of Security principals: Confidentiality, Integrity and Availability
Security monitoring solutions
ISO 27001
Penetration testing, Vulnerability management
LPIC/RHCE
CEH; Comptia Security+
>1 years

Siem Engineer Resume Examples & Samples

Support 2nd level colleagues regarding SIEM operation related tasks
Rule tuning
Performance monitoring
System health monitoring
Communication with SIEM providers
Experience with server operations(preferably Linux)
Experience with SIEM systems
Strong understanding of networking
Understanding of IT security principles
Willingness to provide on-call service
Good language and communication skills in English
Experience in scripting
Experience with firewall/proxy/IPS
Server and/or network troubleshooting experience

Siem Engineer Resume Examples & Samples

Definition, planning and implementation of SIEM architecture changes
Development, implementation and execution of standard procedures for SIEM administration
Custom development of Connectors (agents) using ArcSight FlexConnector
Oversight of administrative operations performed by 3rd party provider including operating system security hardening, backup management, capacity planning, version/patch management, and lifecycle upgrade management
Expert implementation and generation of ArcSight content (e.g. rules, trends, lists, reports and dashboards) based on defined use cases
Maintain key relationships both internal and external stakeholders

Senior Siem Engineer Resume Examples & Samples

Lead engineering team by prioritizing clients work requests, projects and service tasks
Work closely with Management, Service Delivery and other Principal Engineers in defining processes and procedures for internal projects
Guide the design, development and review of complex security SIEM content
Analyzes and identifies areas of improvement with existing processes, procedures and documentation
Develop individual team, defining strategies and responsibilities to be successful and grow
Develops internal training methods to support Managed Services and their clients
Act as the point of escalation for other Engineers (Associate Engineer, Security Engineer, & Senior Engineer) and provide guidance and mentoring
Assist with client transition and onboarding serve as primary point of contact for Managed Security Service clients
This will require documentation of Account Governance processes and responsibility for report generation and notification to senior leadership about potential client Service Level Agreement (SLA) issues
Explain and demonstrate how to use SIEM and Enterprise Security products to both technical and relatively non-technical personnel
Implement and configure SIEM software and appliance-based products in large enterprise and Government environments
2-3 years professional experience working with networks and network architecture
1+ year professional experience writing SIEM content
Prior experience in a technical team leadership role
Experience with content SIEM content creation and reporting
MUST HAVE
General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, or other security certifications)
An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others
Experience with various SIEM security products such as: ArcSight, QRadar, Nitro, Splunk, LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc
Prior consulting experience

Siem Engineer Resume Examples & Samples

Work with individuals in the client environment in many different IT areas (IDS, Firewall, Server Admin., etc.)
Monitor, sustain and troubleshoot a variety of technologies as they relate to Enterprise Log Management; make these other systems "talk" to the SIEM tools. Essentially, this individual needs to be able to administer a logging solution
Develop custom content (reports, querying, dashboards, light scripting, etc.)
Performs a variety of routine project tasks applied to specialized information assurance problems
Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements
Creates customized dashboards using Security Information and Event Management (SIEM) tool ArcSight ESM to elevate high threat items to incident responders
Maintains and creates customized reports in Enterprise Log Management (ELM) Solution, ArcSight Logger

Siem Engineer Resume Examples & Samples

Plans, conducts and oversees highly complex projects or major phases of significant projects; Performs security network engineering efforts
Conducts investigations and tests of complex security software systems to enhance performance or investigate and resolve matters of significance
Reviews completion and implementation of technical products to ensure success and timeliness
Reviews literature, and current practices relevant to the solution of more complex network security projects
Recommends corrections in complex technical applications and analysis to enhance performance
Acts as the initial contact with vendors on more complex projects to provide required products or services
Provides technical consultation to other organizations; interacts with senior customer personnel and internal senior management
Provides the customer base with first level support
Performs comprehensive security assessment of all designs within all enterprise networks, advises senior level executives of network vulnerabilities, and develops procedures and policies to rectify
Any other duties as requested by the Contracting Officer Representative and SOC management
Designs and develops new systems, applications, and solutions for external customer's enterprise-wide cyber systems and networks
Ensures system security needs established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning and provides analytical support for security policy development and analysis
Integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features and relates existing system to future needs and trends, embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration and testing issues
Bachelor's degree in Computer Science, Information systems
Minimum ten (10) years of relevant professional experience
Minimum eight (8) years of experience in network security
Engineering, network security analysis or OS programming
Experience with Enterprise Sensors (Sourcefire, SNORT, Cisco, ISS, McAfee, etc.)
Experience with IDS/IPS custom signature creation and deployment
Experience with full packet capture and DNS technology and concepts
Experience with network principals, routers, switches, firewalls and VPN technologies
Experience writing policies, procedures, and TTPs
Experience composing presentations and briefing senior management
CISSP, CCNA, Security+ and/or relevant Certification
Must be a certified ArcSight Administrator
Development experience with a programming language, especially the following: C, C++, Java, with additional familiarity in languages such as Ruby, Perl, Python, and SQL
Experience with information security devices (e. g., firewalls, and intrusion detection/prevention systems) and applications (e.g. security information management tools like ArcSight)
Experience with NAC and web proxy solutions (ForeScout, BlueCoat, etc.)
Strong analytical and creative problem solving skills to resolve highly complex software design issues and create new software
Good leadership skills to mentor, oversee, and lead team members
Strong interpersonal skills to interact with senior customers, management and team members
Strong communication skills to interact with team members and senior support personnel
Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC)

Threat Response Siem Engineer Resume Examples & Samples

Improve and contribute to alert generation for actionable intelligence
Administer Splunk and Splunk App for Enterprise Security (ES) log management and SIEM solutions
Integrate Splunk with a wide variety of legacy data sources that use various protocols
Consult with internal customers to customize and configure Splunk in order to meet requirements
Develop reliable, efficient queries that will feed custom alerts, dashboards, reports, and data models
Leverage the full utility of Splunk technology in order to monitor cyber security, protect IT infrastructure, and enable rapid containment and resolution to IT security incidents
Design and generate data parsers as necessary to optimize ingestion of data from a wide variety of devices including servers, firewalls, IDS/IPS, VA appliances, etc
Familiarity with some of the following technologies: Active Directory, Virtualization platforms, Microsoft Windows, Unix, Linux, Mac OS X, LDAP, Active Directory, TCP/IP, firewalls, routers, network protocols and architecture, databases, VPNs
Experience architecting and deploying Splunk Enterprise implementations in medium to large sized customers
Experience writing advanced Splunk searches to perform data correlations, identify trends, locate anomalous and suspicious activity, detect malicious behavior and find other notable events
Experience creating reports, scheduled searches, alerts, forms and dashboards to satisfy data requests and present Splunk information to a wide range of technical audiences including general users, system administrators, Security Operations Center (SOC) technicians, and senior management
Experience using Splunk to automate existing process and data driven tasks
Excellent attention to detail, multi-tasking, organizational and time management skills
B.S. Computer Science or similar combination of education and/or experience
Technical certifications: Splunk Certified Admin, Splunk Certified Architect equivalent training
Ability to populate Splunk from 3rd party data sources (i.e. bash/python scripts/SQL DB/APIs)
Experience performing technical investigations to find potential indicators of compromise
Experience managing Security tools in an enterprise environment that includes firewalls, IDS/IPS, assessment and scanning tools, endpoint solutions, and audit logs from various platforms

Qradar Siem Engineer Resume Examples & Samples

Bachelor's degree in telecommunications, computer science, information technology or equivalent experience
Security related certifications such as Security+ or CISSP are beneficial but not required
3+ years of direct hands on experience with IBM QRadar or similar SIEM product
Working knowledge of network security principles and best practices
Possess effective verbal and written communications as well as strong organizational skills
Must be capable of working well independently as well as in a highly collaborative team environment

Senior Siem Engineer Resume Examples & Samples

Act as a point of escalation for other Engineers (Associate SIEM Engineer & SIEM Engineer) and provide guidance and mentoring
Develop and deploy SIEM content and reporting
Perform knowledge transfers and train clients regarding security and system configuration
The Senior SIEM Engineer has no direct reports

MSS SOC Siem Engineer Resume Examples & Samples

Drive technical and architectural improvement of the SIEM Arcsight managed service and tools used to deliver service to these customers
Accountability for technical improvement program per in scope enterprise sized clients, targeted mainly at architecture and content
Operational Management involving Incident Management and Change Control
Maintain documentation of the managed infrastructure per client
Engage with other Security Operational Centres, assisting technically where appropriate
Provide training on the managed infrastructure and technology to other MSS teams
Act as a Technical escalation point for the delivery teams within the organisation for SIEM Arcsight specific incidents
ArcSight Administration version 6.0+ preferred
IT experience of customer delivery/customer services
Excellent documentation skills within SIEM delivery
Experience of working within a SOC, MSSP preferred
Evidence on being able to architectural design, review and implement Arcsight and individual components
Evidence of using other security technologies that help protect client environments
Evidence of complex trouble-shooting skills on Arcsight and individual components
Evidence of being able to design and implement content, both health and security
Evidence of dealing with escalations, both service and technical for Arcsight related incidents
Mentoring experience, needed for when training junior members of the team
Office based role, must be able to drive and have own transport due to work patterns
Role can accommodate a degree of home working

Principal Logrhythm Siem Engineer Resume Examples & Samples

3+ years professional experience managing and maintaining LogRhythm SIEM systems
1+ year professional experience writing LogRhythm SIEM content
College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment
Experience with content LogRhythm SIEM content creation and reporting

Siem Engineer Resume Examples & Samples

Creates and develops correlation and detection rules, utilizing Regex, within Splunk ES to support alerting capabilities within the Threat Management Center
Reviews current detection rules and, if necessary, changes use case criteria based on metrics and the needs of the Threat Management Center
Collaboration with the Threat Management Center (TMC) to provide/implement advanced functionality to current toolsets, including custom signatures, alerting mechanisms and use cases developed from intel gathered internally (from the Threat Intelligence group) and external partners
Develops metrics resulting from detection and alerting of SIEM and data analytics technologies
Identifies innovative capabilities, such as custom detection signatures and identification of targeted attacks, leveraging existing Verizon security resources and tools, including Verizon’s customized intelligence platform
Supports collaboration on the development and maintenance of the TMC security stack, such as new technology solutioning and recommendations for process/procedure changes
Interfaces with the Threat Management Center teams to identify improvements to detection and alerting capabilities within the SIEM and Data Platforms
Consumes results of cyber-attacks, indicators, and correlations to assist in identification of attribution and potential threat and impact to Verizon resources

Principle Qradar Siem Engineer Resume Examples & Samples

1+ year professional experience writing QRadar SIEM content
Advanced information security knowledge in one or more areas such as Enterprise end-point security products (i.e. McAfee e-Policy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption, etc.) Security Information and Event Manager (SIEM), to include: NitroSecurity ArcSight Q1 Labs RSA Envision Network Firewall, Web Proxy, E-Mail and Web Gateway etc. to include: Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva
Experience with Linux OS

Siem Engineer Resume Examples & Samples

Minimum of 1-2 years of SIEM Administration experience in IBM QRadar
Unix / Linux operating systems
Windows operating systems
Minimum of 1-2 years working in a customer facing role
7 or more years of information security or networking experience
Self-starter, self-managed, and detail oriented
Leadership experience managing small teams and/or large security implementations
Minimum of 1-2 years of SIEM administration experience in Splunk

Senior Siem Engineer Resume Examples & Samples

Passion for information security
Excellent analytical thinking and problem solving skills
Highly motivated
CISSP, CISM, or CISA certification

Principal Qradar Siem Engineer Resume Examples & Samples

3+ years professional experience managing and maintaining QRadar SIEM systems
Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis
Experience with content QRadar SIEM content creation and reporting

Siem Engineer Resume Examples & Samples

Responsible for monitoring and stability of SIEM platform
Respond to SIEM platform server issues and high priority incidents
Remediate ongoing and new SIEM Application defects / process failures
Facilitation of SIEM Change Requests (upgrades, break fixes etc.)
Onboard new application and platform logs via syslog, endpoint agents, and APIs
Build and maintain documentation to support SIEM platform

Principal Siem Engineer Resume Examples & Samples

Subject matter expert for onboarding SIEM components for new MSS clients (primarily Splunk)
Manage appliance or virtual appliance OS and SIEM software
Create innovative solutions to automate and reduce timeframes for operational changes as well as initial installation of the platform
Create rules for compliance and audit requirements and create and manage Watch Lists for current threats
Configure backups, verify custom reports, manage log source groups, and validate log sources with client
Review and apply any newly available and applicable SIEM and/or appliance/virtual appliance software or policy updates monthly
Perform formal Health Check and administrative password change
Perform formal Architectural Review
Create custom rules/rule modifications and custom reports/ report modifications as needed
Manage SIEM user accounts (create, delete, modify, etc.)
Add /Remove log sources. Troubleshoot issues with log sources or systems with vendor, and report system defects as needed
Manage product enhancement / feature requests with vendors as needed
Perform software upgrades, updates and patches as needed
Create client-specific Watch Lists if necessary
Perform technical account management duties for specific top-tier, strategic clients
Responsible for major SIEM client environmental changes including upgrades
Create custom documentation for internal and external needs
Responsible for mentoring and training of SIEM Engineer II employees
Responsible for testing and configuring new products and technologies
Assist with designing and documenting work processes within the SOC
Perform other duties as assigned
Associate’s Degree or equivalent from two-year College or technical school in Information Technology, Information Security/Assurance, Engineering or related field of study; at least 2 years of related experience and/or training; or equivalent combination of education and experience required
Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or related field of study; or at least four years of related experience and/or training; or equivalent combination of education and experience preferred
Minimum 3 years Managed Security Services or Information Security experience required
Minimum 3 years of SIEM administration experience required
Minimum 1 year of Splunk administration, configuration and management required
Minimum 1 years SIEM engineering experience required
Minimum 1 year previous supervisory and/or training experience required
Security+, CISSP, GCIH, GCIA, GPEN, CEH and or other industry certifications preferred
Solid understanding of Information Security and Networking required
Working knowledge of SIEM technology (e.g. LogRhythm, QRadar, enVision. Nitro) required
Outstanding time management and organizational skills required
Ability to operate equipment or tools, specifically: Internet, e-mail, MS Office products, advanced knowledge of Excel, sound knowledge of Power Point required
Ability to work nights or weekends as required
Demonstrated understanding of Information Security regulations, frameworks, requirements etc. and how to map a client’s security needs to a SIEM solution required
Demonstrated understanding of vulnerability management systems and programs preferred
Demonstrated understanding of PCI, SOX, HIPAA etc. preferred
Security and/or Networking familiarity or understanding in the following preferred

Siem Engineer Resume Examples & Samples

Engineer integration with Cyber Security tools
Design flow and event intake from new sources
Build new capabilities and installation of new applications from the app exchange to extend functionality
Aggregate data into appropriate organization systems and datasets
Operate and maintain availability, system upgrades, and deployment of new hardware and software components
Support intelligence metric definition and reporting
Support day to day event parsing and repairing of events that have missing or incorrect information, create log source extensions, and flow management
Custom rule creation based on correlation of log source events
Performance optimization and continuous integration of various security applications to improve SOC efficiency
Extensive experience working with Splunk, QRadar, and ArcSight
Regular Expressions
Firewalls, Encryption, TCP/IP, IDS/IPS, SSL
Communicating with multiple areas within IT and some business areas
Conflict management, problem solving, customer service skills
Ability to ensure activities are in alignment with the business objectives and risk management framework
Ability to anticipate, recognize, and resolve technical (hardware, software, application or operational) problems
Application development experience preferred with working experience of Tomcat
Working knowledge of Linux, LDAP, TCP/IP networking stack, and regular expressions
CISSP Certified
Some SANS Training completed
Fluent in Mandarin, Korean, Hindi, and Cantonese desired
Bachelor degree in computer science or a related discipline strongly preferred, and several years of experience in all aspects of cyber security and computer operations or an equivalent combination of education and work experience
Previous SIEM operations and engineering experience preferred

Siem Engineer Resume Examples & Samples

Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking through resolution
Act as a point of escalation for other Engineers (Associate Engineer) and provide guidance and mentoring
Advise best practice on SIEM and Enterprise Security products to both technical and relatively non-technical personnel
Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies
Develop and maintain content and reporting
Provide escalation support to Tier 1 and 2 for Authorized Support Customers, following processes and interacting appropriately with both customers and partners when required
Perform knowledge transfers to clients regarding security and system configuration awareness
2-3 years professional experience maintaining SIEM or infrastructure systems in the Information Security field
2-3 years professional experience working in a technical team environment
Excellent time management, reporting, and communication skills
Superior IT problem-solving skills
Experience with SIEM content and reporting
Experience working with Internal and client Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures. (i.e. Jira, Confluence, etc.)
Knowledge of Linux and Windows Operating Systems
Training and experience in one or more non-SIEM network security products to include: Enterprise endpoint security products, Network components such as Firewalls and Proxies to include Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva or other similar network security products
CCNA, CCDA, CCSA, CCIE, CISSP, CEH, or MCSE
Familiarity with DevOps
Professional experience working with networks and network architecture