
Cloud SIEM Engineer

Salary undisclosed


Job Description

Job Title: Cloud SIEM Engineer
Duration: 18+ months, potential to convert to full time
Location: Chicago, IL / Denver, CO / Washington, DC; hybrid, 3x a week

Summary:
Join our dynamic team and make a significant impact on our organization's security posture as our Cloud SIEM Engineer. If you are a dedicated and forward-thinking professional with a passion for security and innovation, we invite you to apply and contribute to our mission of safeguarding our valuable assets and data from evolving cyber threats.

Responsibilities:

  • Collaboration: Work as an Individual Contributor with a talented team to drive Detection Engineering in SIEM or SOAR within AWS environments, utilizing tools like AWS GuardDuty, CloudWatch, and SecurityHub.
  • Development: Enhance SIEM and SOAR capabilities by coding, testing, and deploying custom applications. Integrate various data sources and security tools to improve threat detection and response.
  • Incident Management: Develop strategies for proactive threat detection and efficient incident response. Analyze security incidents and collaborate with the Incident Response team to refine procedures.
  • Performance Optimization: Monitor and optimize SIEM and SOAR systems, implementing upgrades to support growing data volumes and conducting load testing to ensure performance.
Top 3 requirements:
  • Cloud experience - AWS and/or Azure
  • WIZ - security posture tool (sets the right permissions in the cloud, looks for and finds vulnerabilities) - someone with experience setting this up
  • Splunk querying experience - Microsoft Sentinel, Splunk ES, IBM QRadar, Securonix, Exabeam Fusion, LogRhythm SIEM (competitors)
  • Huge plus: Anvilogic - moving this way, need it implemented in the bank by End of Q1 (someone with this experience is ideal)

Key Qualifications:

Cloud Experience: Proficient in AWS and/or Azure.
Tools: Familiarity with WIZ for security posture management.
SIEM Experience: Proficient in Splunk querying and tools like Microsoft Sentinel, IBM QRadar, Securonix, Exabeam Fusion, and LogRhythm SIEM. Experience with Anvilogic is a plus.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.