Position Details:

Position: Cloud SIEM Engineer

Location: Chicago, Denver, Washington DC

Duration: 12-18 Months (Possibility of Full-Time Conversion)                              

Must Haves:

• 3+ years of proven experience in SIEM and security operations
• 3+ years of experience with Splunk, certifications
• 3+ Year experience with detection and response-based security controls in at least one Public Cloud environment
• 2+ years of experience with WIZ
• Understanding of Threat Modeling and Detection Engineering best practices.
• Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms.
• Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies.
• Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes.
• Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges.
• Experience with Infrastructure as Code (CDK, Cloud Formation, Terraform)
• Experience with Git base source code Management.
• Experience in Agile teams
• Bachelor’s or master’s degree in computer science, Information Security, or a related field or equivalent experience

Day To Day:

• As an Individual Contributor with significant Cloud (AWS or Azure) and Security Information and Event Management (SIEM) domain experience collaborate and influence a team of talented developers in a collaborative and high-performing work environment. Set and achieve clear objectives, provide clarity and regular feedback, and enhance the team's capabilities.
• Understand and help drive Detection Engineering efforts in SIEM or SOAR as appropriate within AWS environments, using technologies such as AWS Guard Duty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS Security Hub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the banks platform and workloads.
• Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals.
• Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases.
• Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs.
• Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities to detect advanced threats
• Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities.
• Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle.