Security Engineer
Reeve Associates - San Antonio, TX

This $12 billion commercial bank is looking for a Security Engineer with RSA NetWitness and RSA Archer experience. The job is in the cyber security group, working directly with the head of the department. The candidate will be a material contributor to the overall success of the security function: not a cog in a wheel at a huge company, but a material factor in the overall security program. The security specialist will focus on the Security Information Event Management (SIEM), event management and logging, and Database Activity Monitoring technologies in place within the cyber security team. Main responsibilities are to work with Engineering and drive enrollment of technologies, conduct a gap analysis of the coverage and effectiveness of the current SIEM and databases, and develop use cases for next-generation security detection. The candidate will assist the Information Technology teams responsible for driving successful development and implementation of the Security Information Event Management program and Database Activity Monitoring across the corporate environment.

Responsibilities:
  • Support all technical aspects of the SIEM design and implementation
  • Demonstrate technical expertise with security infrastructure architecture design/implementation and management
  • Coordinate activities with infrastructure engineers, network engineers, DBAs, and information security personnel
  • Gather and understand technical requirements related to functionality, design, and integration
  • Assist in the design of log collection and data flow between solution and target systems
  • Exchange information with solution vendor
  • Help troubleshoot the log collection from networking devices, operating systems, databases, security applications, and more
  • Configure queries, correlation rules, dashboards, alerts, searches, reports, etc., based on operating systems, platform, data type, and other reporting elements
  • Support and enhance event parsing, log collection and storage, compliance automation, and identity monitoring activities
  • Help develop processes and procedures around security event management

Requirements:
  • Strong understanding of firewall, intrusion detection and prevention, endpoint security, and application layer gateway technologies.
  • Operational knowledge of systems, databases and network security engineering best practices.
  • Experience architecting large scale systems for Database Activity Monitoring and SIEM.
  • Experience developing and implementing security operations center procedures and processes
  • Solid problem solving and analytical skills; able to quickly digest issues encountered and recommend an appropriate solution
  • Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams
  • Implement a simplified security metrics approach that enables executive leaders, line managers, and operational staff to quickly take action on application security related risks
  • Develop and optimize processes to improve security threat identification and remediation

Must Haves:
  • Hands-on experience deploying a SIEM
  • Knowledge and experience with SIEM concepts, implementations, and technologies
  • Team player willing to share knowledge and learn from others
  • Knowledge and experience with intrusion detection systems (IDS/IPS), firewalls, DLP, and other network-based security solutions
  • RSA NetWitness experience
  • RSA Archer experience
  • Routing and Switching expertise
  • Cisco ISE expertise
  • RSA Archer expertise and/or experience
  • IronPort expertise
  • RSA Data Loss Prevention Suite
  • RSA multi-factor authentication
  • Cloud Security
  • Experience with regulatory compliance
  • CISSP certified