Description:
We are seeking a Senior Cloud Security Engineer with specialized expertise in Security Information and Event Management (SIEM) platforms to join our team. This role is critical for developing, implementing, and maintaining our cloud-based security event logging and analysis infrastructure. The successful candidate will provide technical leadership and guidance in the deployment and operation of our SIEM solution, ensuring robust security monitoring, threat detection, and incident response capabilities across our cloud environments.
💼What kind of work will you be doing?
- Design, deploy, and manage our cloud-based SIEM platform, ensuring comprehensive visibility into security events, alerts, and logs across all cloud services and applications.
- Analyze disparate security events, alerts, and logs collected by the SIEM to derive concise and meaningful insights into potential threats and vulnerabilities.
- Execute advanced threat hunting and analysis operations within our cloud environments, leveraging the SIEM platform to identify and mitigate sophisticated cyber threats.
- Lead the development and implementation of incident response (IR) frameworks tailored to cloud environments, incorporating an understanding of computer forensics.
- Apply knowledge of malware, emerging threats, and attack patterns to enhance threat detection and mitigation strategies within the SIEM platform.
- Ensure the integrity and confidentiality of security information through proper chain of custody and control procedures, documenting all procedures and findings.
- Oversee the development and standardization of information security reporting within the SIEM platform, providing actionable insights to IT and security teams.
- Utilize scripting skills in Python and/or R to automate security analysis and reporting tasks within the SIEM environment.
- Identify security coverage gaps in cloud environments and develop prioritized remediation plans based on SIEM insights.
- Conduct technical security assessments and policy reviews to identify vulnerabilities or non-compliance issues within cloud services and applications.
- Stay abreast of security industry trends and emerging threats, providing recommendations on new SIEM features, technologies, and practices to enhance our cloud security posture.
- Provide training and mentoring to team members on the effective use of the SIEM platform and best practices in cloud security monitoring and incident response.
📝What Would Be the Perfect Qualifications?
- Demonstrated expertise in security engineering with a focus on cloud technologies and SIEM platforms.
- 7+ years of experience in information security operations, with significant experience in cloud security and SIEM solutions.
- Bachelor's Degree in Computer Science, Information Science, or a related field.
- Relevant security certifications such as CISSP, GCIH, GCFE, CISA, CISM, or specific certifications related to cloud security and SIEM technologies (e.g., AWS Certified Security, Microsoft Certified: Azure Security Engineer Associate, Certified Splunk Architect).
- Proven experience in building or engineering security solutions for cloud platforms and services.
- Strong understanding of cloud networking concepts and familiarity with major cloud infrastructure providers (AWS, Azure, Google Cloud).
- Proficiency in scripting languages such as Python or R for security data analysis and automation.
- Familiarity with common cybersecurity frameworks and standards (CIS, CMMI, NIST, ISO) as they apply to cloud environments.
- Excellent verbal and written communication skills, with the ability to convey complex security information clearly and concisely.
- Strong analytical, organizational, and research skills, with a proven ability to solve complex problems and make data-driven decisions.