Portfolio Jobs

Looking for your next role? Take a look at these exciting jobs at Sapphire Ventures’ portfolio companies. Our Talent team is passionate about connecting you to your dream job!

Senior Security & Event Management (SIEM) Engineer

Defense Unicorns

Administration
Remote
Posted 6+ months ago

Role Description

We are seeking a highly skilled and experienced Senior Security Information and Event Management (SIEM) Engineer to join our dynamic team. This newly created role will be an integral part of our Unicorn Security Vanguard Team (cybersecurity team), and will play a critical role in ensuring the integrity and security of our Enterprise applications and Unicorn Delivery Service Product by integrating and aggregating audit logs from various sources into our SIEM tool. You will be responsible for all aspects of the SIEM, including, but not limited to: ensuring smooth and efficient collection from various sources into the SIEM; proactively monitoring the ingested data; identifying anomalies or potential security threats; and developing and maintaining effective alerting via customized triggers while minimizing false positives, which allows for timely notification and response to security incidents. This role offers a unique opportunity for career development and progression. You'll gain valuable experience in security operations, with the potential to become the primary point of contact (POC) for our 24/7 Security Operations Center (SOC).

The listed responsibilities are not exhaustive and additional responsibilities may be assigned based on the evolving needs of the organization. We are seeking a dynamic individual who is able to adapt and take on new responsibilities as they arise.

Responsibilities:

  • Lead the implementation and maintenance of SIEM solutions to collect, analyze, and correlate security events from diverse sources.
  • Integrate audit logs from various enterprise tools, including but not limited to Google Workspace, Slack, our password manager, device manager, GitHub, AWS and other cloud platforms, into the SIEM tool.
  • Configure and tune SIEM correlation rules and use cases to identify security incidents and anomalies.
  • Monitor SIEM alerts and respond to security incidents in a timely manner, escalating as necessary to the engineering team for further investigation and remediation.
  • Collaborate with cross-functional teams, including Product engineering, cloud infrastructure engineering, and IT admins, to ensure effective integration and operation of security controls.
  • Provide subject matter expertise and technical guidance to junior team members and stakeholders on SIEM best practices and security monitoring techniques.
  • Stay current on emerging threats, vulnerabilities, and industry trends in cybersecurity, and recommend proactive measures to enhance our security posture.

Preferred Experience and Qualifications:

  • 3+ years of experience in cybersecurity engineering, with a focus on SIEM implementation and administration.
  • Strong proficiency in SIEM platforms such as CrowdStrike, Google Chronicle, Splunk, ArcSight, or QRadar, including log ingestion, data normalization, and rule creation.
  • Expertise in integrating audit logs from enterprise security tools and systems, such as firewalls, enterprise applications, and cloud services.
  • Experience with scripting and automation using languages such as Python, PowerShell, or Bash.
  • Knowledge of cybersecurity frameworks and standards, such as NIST 800-171 and 800-53.
  • Excellent analytical and problem-solving skills, with the ability to troubleshoot complex security incidents and recommend effective countermeasures.
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with team members and stakeholders in a remote work environment.
  • Relevant certifications such as CISSP, CCSP, EC-CSA, or GIAC Certified Detection Analyst are highly desirable.

Must Haves (based on gov contract requirements, privileged access, CUI & export-controlled data access):

  • Must be a US citizen (EMPLOYER IS A CONTRACTOR FOR THE U.S. GOVERNMENT.)
  • Hold a security clearance / Eligible to apply for a security clearance
  • Possess a DoD 8570 IAT II Certification (or able to obtain w/in 6 months of start date, offer contingent upon obtaining cert)

Travel Expectations/Requirements: 5%-10% - This is a remote US based position. Travel would consist of company retreats and team building events/conference attendance.

Full compensation packages are based on candidate experience. Compensation ranges are established using national benchmarking data and apply across all geographic locations within the United States.

Remote - USA
$141,940 - $190,000 USD

Who We Are: Defense Unicorns delivers mission value by streamlining software delivery so our customers can focus on the most important challenges. We share a vision of freedom and security for the advancement of progress and innovation. Our commitment to this vision, and to our mission-driven customers, means a commitment to speed, user experience and optionality, without compromising security. Our team is composed of innovators, software engineers, and veterans with decades of experience delivering technology programs across the federal market.

What We Do: We create and deliver secure solutions for continuous software integration and delivery. Defense Unicorns consolidates the best practices for security pipelines, testing, and deployment automation in order to meet the high security requirements valued by mission owners. Our solutions are agnostic by design and we believe that growing a robust ecosystem of secure, cloud-native software solutions can help enterprise customers inside and outside the federal market buy and integrate software more easily.

Who We Serve: Defense Unicorns’ customers are mission-focused leaders across public and private enterprises. We proudly support defense and civil agencies across the U.S. government and we work closely with the creators of leading-edge software solutions to deliver value to the mission-owner by improving the security and consumability of commercial software products.

What We Work On:

  • Kubernetes
  • Cloud Environments (AWS/GCP and Azure)
  • Infrastructure-as-code (like Terraform/Pulumi)
  • Continuous Delivery and automation tooling
  • GitOps
  • Containers
  • CNCF projects and open source products and packages
  • Helm/Kustomize
  • Value Stream Mapping
  • Building and improving security delivery
  • Building Kubernetes and cloud native applications

Benefits Our Unicorns Enjoy:

Health:

  • Medical/Dental/Vision
  • Premiums are 100% Company Paid
  • Health Reimbursement Account
  • Life Insurance
  • Disability Insurance

Financial:

  • 401k with Employer Contribution (Regardless of Employee Contribution)
  • Company Stock Options
  • Home Office Setup Budget

Leave:

  • Unlimited paid time off, with a mandatory 10 days off on top of 11 federal government holidays, week of Thanksgiving, last two weeks of December (including New Year’s Day)
  • Paid Parental Leave

Learning:

  • Reimbursement for approved trainings/subscriptions
  • Conferences (travel, lodging, and fees)

Defense Unicorns is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.