Securonix provides the Next Generation Security and Information Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of largest organizations globally to detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.
Role Summary This SIEM/Securonix Architect position is an integral part of our Managed Services team.
In this role, you will work with our customer(s) supporting our mission to help them quickly and completely adopt Securonix.
This is a highly technical, hands-on role that will focus on architecting, planning, implementing, and operationalizing the SIEM platform.
The ideal candidate will have a demonstrated understanding of information security and networking and extensive experience interacting with customers.
Securonix Next-Gen SIEM and UEBA experience, although desired, is not required, but the candidate must have SIEM and SOAR software expertise and be willing to train on the Securonix platform and products.
Primary Responsibility: •
Lead end to end SIEM implementation or integrations in a customer environment.
Understand customer business requirements and the threat landscape applicable to their industry’s vertical sector to develop tailored success criteria
Analyze complex customer networks and develop deployment architecture.
Coordinate with service delivery managers, management, engineering, maintenance, and operational support teams
Develop content, use cases, data models, dashboards, and connectors to support custom user requirements.
Engage with customers, Securonix product development teams to gather user requirements and suggest new product features and help improve existing product features.
Training and enabling customers and partners for successful adoption.
Minimum Requirements: •
8-10 years of experience in the information security field.
Strong understanding of SIEM and UEBA solutions such as Securonix, Splunk, Logrhythm and Exabeam.
Working knowledge of cloud technologies such as Amazon, Azure and Google
Good understanding of Hadoop ecosystem and Apache technologies.
Good understanding of MITRE ATT&CK matrices, kill chains and other attack models.
Ability to communicate effectively with all levels of an organization from Engineering/Operations to CIO/CISO audiences
Strong knowledge of scripting languages such as Python, Powershell is preferable though not mandatory.
Industry certifications such as CISSP, CISM Preferred:
BS in Computer Science, Information Systems, CyberSecurity
4-5 years of experience in SIEM/UEBA deployment
Working knowledge of Machine learning in cybersecurity
Good understanding of log collection methodologies and aggregation techniques such as Syslog-NG, Nxlog, Windows Event Forwarding
Experience integrating endpoint security and host based intrusion detection solutions
Experience with network forensics and toolsets such as Wireshark, PCAP, tcpdump