This is a technical leadership position within a fast-paced, rapidly expanding, and dynamic managed services security provider. The Information Security Engineer/Architect – Data/SIEM Focused is the most senior data-focused technical position within the company. They lead significant project efforts, influence enterprise business decisions, and collaborate with individuals at all levels of the organizations – internal and external. This individual will be part of a team that establishes security processes and tools while collaborating heavily with enterprise organizations to provide best-in-class services. Candidates will need to be very strong in managing large data sets and various large data platforms: Splunk, Hadoop, Elasticsearch (ELK stack), etc. Other SIEM experience, scripting, and API familiarity are a plus as well.
- Manages the company's SIEM infrastructure.
- Focuses on developing large data security offerings for clients.
- Leads in securing enterprise information, systems, and development by developing and/or reviewing security requirements; planning, designing, and reviewing business and security systems; creating architectural artifacts; and providing standards and governance oversight for the enterprise as it relates to SIEM/large data sets.
- Leads and participates in discovery efforts related to the introduction of new technologies.
- Defines security standards and leads in the use and adoption of frameworks that align with overall business and technology strategy.
- Maintains and updates architecture systems of record.
- Participates with and guides engineering and other subject matter experts on best practices.
- Leads in the governance and interpretation of architectural standards, design concepts, and frameworks.
- Monitors industry security updates, technologies, emerging threats, and best practices to improve security management.
- Designs and collaborates on solutions that balance business requirements with information and security requirements for both internal and client systems.
- Identifies security design gaps in existing and proposed architectures and recommends changes or enhancements to existing processes or systems.
Should have extensive experience and strong knowledge in many of the following areas:
5+ years of industry-relevant experience is preferred.
- Extensive large data experience (Splunk, Hadoop, ELK, etc.).
- Several years working knowledge of Splunk.
- Splunk-specific certifications a plus.
- Previous SIEM experience a plus.
- Security Operations experience a plus.
- Scripting, API calls a plus.
- Cloud architecture experience a plus (AWS, Azure, etc.).
In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.