Job#: 2055398
Job Description:
Apex Systems, a World-Class Technology Solutions Provider, is seeking
applicants for the below position on behalf of our client. Please apply if
interested and qualified. Please note that only qualified candidates will be
contacted.
Position: Cloud SIEM Engineer
Locations: Washington DC, Denver CO, Chicago IL - 3 days onsite/2 days remote
Duration: 12+ months contract
Pay Rate Range: $75+/hr W2
ALL APPLICANTS MUST BE ABLE TO WORK DIRECTLY ON APEX'S W2 WITHOUT SPONSORSHIP
NEEDED NOW OR IN THE FUTURE
Key Responsibilities:
Leadership and Development: As an Individual Contributor with significant
Cloud (AWS or Azure) and Security Information and Event Management
(SIEM) domain experience, collaborate with and influence a team of talented
developers in a collaborative and high-performing work environment. Set and
achieve clear objectives, provide clarity and regular feedback, and
enhance the team's capabilities.
AWS Detection Engineering: Understand and help drive Detection Engineering
efforts in SIEM or SOAR as appropriate within AWS environments, using
technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS
CloudFront, KMS, AWS SecurityHub, CSPM, DSPM, SSPM, and CIEM
technologies to help defend the client's platform and workloads.
SIEM and SOAR Software Solution Architecture and Design: Collaborate with
internal stakeholders, including cybersecurity experts, IT operations,
and business units, to understand security requirements and business goals.
Architect and design scalable and resilient SIEM and SOAR solutions that can
effectively handle diverse data sources and complex security analytics use
cases. Conduct regular reviews and refinement of the architecture to
accommodate changes in the threat landscape and business needs.
Development and Implementation: Provide your expertise to augment the SIEM
and SOAR development teams in coding, testing, and deploying custom
applications to enhance the capabilities to detect advanced threats. Implement
integrations with various data sources, security tools, and external
threat intelligence feeds to enhance threat detection and response
capabilities. Ensure compliance with coding standards, security best
practices, scalability, resiliency concepts, and data privacy
regulations throughout the development lifecycle.
Security Incident Management: Develop and refine strategies for proactive
threat detection, incident identification, and efficient response and
remediation. Conduct thorough analysis of security incidents, ensuring root
cause analysis, and implement corrective actions to prevent future
occurrences. Collaborate with the Incident Response team to enhance incident
handling and escalation procedures.
Performance Optimization and Scalability: Continuously monitor the
performance of the SIEM and SOAR systems and identify areas for optimization
and enhancement. Evaluate and implement appropriate infrastructure upgrades to
support increasing data volumes and maintain optimal system performance.
Conduct load testing and performance tuning exercises to ensure the SIEM and
SOAR platforms can handle ever-expanding peak operational loads.
Compliance and Policy: Ensure adherence to industry standards, regulatory
requirements, and internal security policies in all aspects of SIEM
development and operation. Collaborate with the Compliance team to fulfill
audit requests and participate in security assessments and penetration testing
exercises.
Research and Innovation: Stay informed about the latest cybersecurity
threats, trends, and emerging technologies relevant to SIEM and SOAR
development and security operations. Evaluate new SIEM and SOAR tools,
Detection Engineering technologies, and techniques to improve the
organization's security posture and stay ahead of potential threats. Stay
informed about Cloud detection and response security controls.
Required:
3+ years of proven experience in SIEM and security operations (e.g.,
Splunk ES, Anvilogic, Palo Alto Cortex, Crowdstrike, MS Sentinel,
Google Chroni
3+ years of experience with Splunk, certifications preferred
3+ years of experience with detection and response-based security controls
in at least one Public Cloud environment (e.g., AWS, GCP, Azure).
2+ years of experience with WIZ
Understanding of Threat Modeling and Detection Engineering best practices.
Proficient programming skills in languages such as Python, Java, or
C, with a solid understanding of data structures and algorithms.
Please note that as a contract employee of Apex Systems, benefits include
the below with employee contribution:
Health
Dental
Vision
Life Insurance; Short Term Disability
Hospitalization Coverage
Direct Deposit
Weekly Pay Periods
Training and Development Programs
401k
Referral Program
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow
discrimination on the basis of race, color, religion, creed, sex
(including pregnancy, childbirth, breastfeeding, or related medical
conditions), age, sexual orientation, gender identity, national
origin, ancestry, citizenship, genetic information, registered
domestic partner status, marital status, disability, status as a crime
victim, protected veteran status, political affiliation, union
membership, or any other characteristic protected by law. Apex will consider