Information Security Engineer 4
The Church of Jesus Christ of Latter-day Saints
The Information Security Engineer 4 functions as a lead engineer in maintaining and evolving a successful advanced SIEM (Security Information and Event Management) system within Information Security. Additionally, this role is responsible for the successful operation of additional security monitoring tools and processes designed for real-time analysis of events and alerts generated across the enterprise to protect the assets, solutions and services by reducing time to detect and contain security incidents and risks. This person works under limited supervision.
This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel.
- Function in a lead engineering role to provide technical input for all design, implementation, and maintenance activities related to the Splunk SIEM system.
- Execute on processes to monitor, analyze and correlate logs and alerts across multiple platforms to identify advanced threats or incidents affecting the enterprise. This includes logs, network, endpoints, authentication, web activity, and cloud solutions.
- Provide leadership in Information Security Monitoring capabilities delivery
- Create, optimize, and continuously evaluate security monitoring content in the Splunk SIEM system.
- Design and create new detection techniques and improve existing ones.
- Identify gaps in existing security SIEM capabilities.
- Recommend and assist in SIEM technology evaluations and implementations.
- Contribute to large security projects and initiatives working with all areas of Information Services, business units, and other partners.
- Mentor junior Information Security Engineers in SIEM management and operational service delivery
- Collaborate with engineers in other groups to implement standardized practices and follow routine process to promote secure systems
- Investigate and correct new or unusual security configurations and implementations as identified by intelligence, analysts or monitoring
- Process service request tickets efficiently and reliably
- Bachelor’s degree in related field or equivalent professional experience
- 8+ years of experience in security, privacy, business continuity, compliance or related field, to include 3+ years of SIEM system experience including dashboard creation and log data ingestion; or 3+ years of SIEM experience including dashboard creation and log data ingestion and 5+ years of relevant work experience with provable expertise and skills in the following areas: attacker tactics for both enterprise and web systems, incident handling, continuous monitoring, intrusion detection, advanced network forensics, incident response, host forensics and malware, represented by industry-standard recognized certificates such as SANS, EC Council, etc.
- Demonstrated experience in automating Amazon Web Services using Cloud Front and Terraform.
- Demonstrated experience in automating Azure services with Terraform.
Demonstrated Skills & Abilities:
- Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks
- Demonstrated knowledge of SIEM platforms (Splunk) and concepts:
  - Logging - Parsing, Normalization, Aggregation, Filtering and Enrichment
  - Events - Correlation, Alerting, and Monitoring via Reports, Dashboards, Active Channels
  - Health - Monitoring of various aspects of the SIEM environment: application, hardware, and events
- Experience in log formats and source data for SIEM analysis
- Working knowledge of AWS and Azure cloud computing automation and security monitoring.
- Working knowledge of scripting languages such as Python used to automate monitoring, log data ingestion, and cloud service configurations.
- In-depth understanding of industry standard operating system families including, but not limited to, Windows and Linux.
- Demonstrated understanding of the software development process and lifecycle with relevant software development experience.
- Effective professional written and oral communication skills
- Functions equally well in abstract conceptual and architectural work as in detailed technical implementation and configuration work
- Ability to successfully work on a team
- This job operates in a professional office environment
- To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment
Specific Degrees, Certifications, Licenses:
- CISSP required or equivalent knowledge and experience
- One or more industry certifications or additional relevant industry experience
Must be a member of The Church of Jesus Christ of Latter-day Saints and currently temple worthy.
Posting Notice/More Info.
Please Note: All positions are subject to close without notice.
Find out more about the many benefits of Church Employment at http://careers.lds.org.