REMOTE Security Analytics Engineer

Description

**REMOTE**

As a Security Analytics Engineer you'll work closely with all of the security teams as well as data owners globally to help curate additional context for the large data sets within the security log lake. You'll help identify gaps and propose solutions for data sources that we are collecting from but not currently leveraging as part of our monitoring posture within security operations. Using your background in data engineering and analytics, you will help guide and build up the security team in adding additional data to drive better decisions.

Responsibilities will include:

  • Define & support a framework to document the data sources within the security data lake
  • Create and implement a process to drive new data source onboarding and identifying security events in the new log stream
  • Design, Build and Support data models using both real-time and historical analysis approaches to support the SOC team
  • Create visualizations and reports to effectively convey the information discovered through data analysis to drive downstream incident discovery
  • Work closely with the security operations team to understand questions and challenges you can help solve using data science analysis methodologies
  • Drive continuous improvement in the area of incident detection by leveraging all available detection methods and log sources and work with Cyber Security Center (CSC) and Managed Security Services (MSS) SOC team to implement incident detection in the SIEM
  • Evaluate existing detection technologies/methodologies for completeness of implementation to ensure there are no implementation gaps.
  • Identify gaps in detection technologies and methodologies and drive a functionality roadmap to improve the security posture
  • Recommend and/or design security controls to remediate or mitigate identified risks
  • Collaborate with CIS Governance & Program Management by providing technical guidance and risk analysis to support development of effective security policies and review of CIS policy exceptions

Skills/Knowledge Desired:

  • Current hands-on experience working with the ELK stack, Kafka, Kibana and ArcSight
  • Experience with architecting, deploying and integrating enterprise data with cloud-based data lake and other Hadoop, MapReduce, Kafka, Spark data streaming services
  • Event logging, monitoring, data enrichment and correlation experience
  • Experience building and using AI and machine learning capabilities
  • Strong understanding of security incident management, malware management and vulnerability management processes and ability to leverage vulnerability and threat intelligence to enrich/correlate security log events
  • Understanding of concepts such as anomaly detection vs signature detection or threat modeling
  • Understanding of public cloud, private cloud and virtualization technologies and security controls for the same
  • Knowledge of network security, endpoint security, authentication, and encryption technologies/concepts
  • Understanding of security & auditing/logging for applications, Compute platforms (Unix/Linux, Windows, Mainframe, Databases), Storage platforms, Network infrastructure and perimeter security technologies
  • Understanding of networking concepts (e.g. VLANs, firewalls, DNS, load balancing, TCP/UDP, NAT)
  • Understanding of authentication (e.g. LDAP/AD, OAuth, SAML, HTTP Basic)
  • Secure System Configurations
  • SANS GIAC Certification (e.g., GPEN, GWAPT, GXPN, GMON, GCIP)

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please call 888 472-3411 or email accommodation@teksystems.com for other accommodation options.

Requirements


Job Snapshot

Location US-MA-Boston
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type Banking

Contact Information

US-MA-Boston
Jocelyn Bruno
6174493007