IT SIEM Threat Content Engineer

نشر بواسطة fevrokbot منذ 4 أسابيع

وصف الوظيفة

Position Summary:
The SIEM Content Engineer will serve as the principle engineering resource, and will be responsible for the care and content of the ArcSight and Splunk SIEM platforms for CVS health and its affiliates. The SIEM Content Engineer will be writing custom active lists,queries, and rules, which will present interesting anomalies to the Security Operations Center (SOC). The SIEM Engineer will have a positive impact on the security organization, and shape the way the enterprise view’s the threat landscape.

An ideal candidate will be active in the threat intelligence community, and be able to apply that knowledge to design the enterprise’s security posture by developing custom ArcSight and Splunk content based on threat intelligence. You will be required to work closely with the various internal service towers as well as application security teams on design, content, facilitating the use of the system and support the SOC and their security incident identification processes and escalation workflow.

Additional responsibilities include:
- Threat intelligence gathering.
- Correlation rules created basic on the threat intelligence gathered.
- On-board threat feeds onto the ArcSight and Splunk platforms.
- Handle escalations for active incidents.
- Service reporting and regular customer meetings.

This position will operate in a typical business week (Mon-Fri 8-5) with a potential response to incidents if needed as a consulting resource
#DCE

Required Qualifications:
-Minimum 5 years of experience and technical skills in ArcSight OR Splunk.
- Experience building & managing ArcSight or Splunk use cases & content, driven from customer requirements.
-Experience with Log Format and Source Data for SIEM Analysis.
-Implementation of SIEM Service and Design of SIEM Source Data experience
-Client facing experience with senior managers and CxO level executives.

Preferred Qualifications:
-1+ year supporting a SIEM platform in an engineering role.
-Macro and micro security analysis and experience with risk modeling.
-Understanding of networking fundamentals.
-Solid background with Windows and UNIX platforms (security or system administration).
-Strong documentation, excellent communication and exceptional problem solving skills.
-Demonstrated ability to drive process improvements and identify gaps.
-Proactive in engaging with customers, client executives and other teams.
-Proven ability to excel in a team, as an individual, in a dynamic environment and still meet deadlines.
-Industry Certifications (CISM, CISA, CCNA, MCSE, HISP, GSEC). Red Hat Linux, Scripting (PERL, Python, and BASH). -REST, SOAP and XML familiarity.

Education:



-Bachelor’s degree in Computer Science, Information Security, similar discipline or High School Diploma/GED accompanied by adequate related work experience in lieu of degree.


Business Overview:
CVS Health, through our unmatched breadth of service offerings, is transforming the delivery of health care services in the U.S. We are an innovative, fast-growing company guided by values that focus on teamwork, integrity and respect for our colleagues and customers. What are we looking for in our colleagues? We seek fresh ideas, new perspectives, a diversity of experiences, and a dedication to service that will help us better meet the needs of the many people and businesses that rely on us each day. As the nation’s largest pharmacy health care provider, we offer a wide range of exciting and fulfilling career opportunities across our three business units – MinuteClinic, pharmacy benefit management (PBM) and retail pharmacy. Our energetic and service-oriented colleagues work hard every day to make a positive difference in the lives of our customers.

CVS Health is an equal opportunity employer. We do not discriminate in hiring or employment against any individual on the basis of race, ethnicity, ancestry, color, religion, sex/gender (including pregnancy), national origin, sexual orientation, gender identity or expression, physical or mental disability, medical condition, age, veteran status, military status, marital status, genetic information, citizenship status, unemployment status, political affiliation, or on any other basis or characteristic prohibited by applicable federal, state or local law. CVS Health will consider qualified job candidates with criminal histories in a manner consistent with federal, state and local laws. CVS Health will not discharge or in any other manner discriminate against any Colleague or applicant for employment because such Colleague or applicant has inquired about, discussed, or disclosed the compensation of the Colleague or applicant or another Colleague or applicant. Furthermore, we comply with the laws and regulations set forth in the following EEO is the Law Poster: EEO IS THE LAW and EEO IS THE LAW SUPPLEMENT

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. If you require assistance to apply for this job, please contact us by clicking AA EEO CVS Health

For inquiries related to the application process or technical issues please contact the Kenexa Helpdesk at 1-855-338-5609. For technical issues with the Virtual Job Tryout assessment, contact the Shaker Help Desk at 1-877-987-5352. Please note that we only accept resumes via our corporate website: https://jobs.cvshealth.com/","educationRequirements":"


.
-Bachelor’s degree in Computer Science, Information Security, similar discipline or High School Diploma/GED accompanied by adequate related work experience in lieu of degree.

متطلبات الوظيفة

تفاصيل الوظيفة متطلبات الوظيفة
الراتب الشهري غير محدد مستوى الأقدمية غير قابل للتطبيق
المجال IT الدور الوظيفي Other
نوع التوظيف دوام كامل العطل 0
العنوان 42737
قم بالدخول أولا
0 تقدم للوظيفة

هل توظف ؟