OPTIV

The successful candidate will possess deep technical knowledge of a number of security technologies, including cloud technologies (i.e. AWS, GCP, Azure), have a solid understanding of information security and networking, and have extensive experience interacting with customers. The candidate is responsible for delivery of client-specific SIEM solutions and their required data pipelines. This individual will be responsible for the creation of procedures, implementation of processes and development of staff for managing and maintaining security systems across internal and client environments. The Principal Cribl Engineer will work closely with Management, Solution Architects, Senior Security Engineers from other internal teams and clients to complete high-profile, critical services to existing Managed Security Service clients. This position also serves as an escalation point for critical and complex client issues, performs configuration and testing of products, assists with developing and documenting work processes and trains other members of the team.

How you’ll make an impact

- Help lead the Cribl team by prioritizing client work requests, projects and service tasks.
- Subject matter expert for onboarding data to multiple SIEM products for existing and new clients.
- Work closely with Management, Service Delivery and Principal Engineers in defining processes and procedures for internal projects.
- Analyze and identify areas of improvement with existing processes, procedures and documentation.
- Assist in team development by defining strategies and responsibilities to be successful and grow.
- Develop internal training methods to support Managed Services and their clients.
- Act as a point of escalation for Junior SIEM Engineers, as well as provide them with guidance and mentorship.
- Assist client activation and onboarding.
- Explain and demonstrate how to use SIEM products to both technical and relatively non-technical personnel and be able to showcase our data onboarding strategies internally.
- Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies.
- Interact appropriately and professionally with both customers and partners, when required.
- Create innovative solutions to automate and reduce timeframes for operational changes as well as the initial installation of the platform.
- Configure backups, verify custom reports, manage log source groups, and validate log sources with the client.
- Review and apply any newly available and applicable SIEM and/or appliance/virtual appliance software or policy updates monthly.
- Perform formal Health Check and administrative password change.
- Perform formal Architectural Review.
- Create custom rules/rule modifications and custom reports/report modifications as needed.
- Manage Cribl user accounts (create, delete, modify, etc.).
- Add/remove log sources.
- Troubleshoot issues with log sources or systems with the vendor, and report system defects as needed.
- Manage product enhancement/feature requests with vendors as needed.
- Perform software upgrades, updates, and patches as needed.
- Perform technical account management duties for specific top-tier, strategic clients.
- Responsible for major data pipeline client environmental changes including upgrades.
- Create custom documentation for internal and external needs.
- Responsible for mentoring and training of Cribl Engineer II employees.
- Attend vendor-specific meetings and conferences for business and professional development.
- Responsible for testing and configuring new products and technologies.
- Assist with designing and documenting work processes within the SOC.

What we’re looking for

- Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or related field of study or at least 8 years of related experience and/or training or equivalent combination of education and experience preferred.
- Minimum 5 years Managed Security Services or Information Security experience required.
- Minimum 5 years of SIEM administration, configuration and management required.
- Minimum 3 years of Cribl administration.
- Security+, CISSP, GCIH, GCIA, GPEN, CEH and/or other industry certifications preferred.
- Cribl Certified Observability Admin highly preferred, or be willing to obtain in the near future.
- Experience and understanding of cloud technologies to include AWS, Google Cloud Platform, and/or Azure.
- Excellent written and verbal communication skills required.
- Solid understanding of Information Security and Networking required.
- Outstanding time management and organizational skills required.
- Ability to operate equipment or tools, specifically: Internet, e-mail, MS Office products, advanced knowledge of Excel, sound knowledge of PowerPoint required.
- Ability to work nights or weekends as required.
- Demonstrated understanding of Information Security regulations, frameworks, requirements etc. and how to map a client’s security needs to a SIEM solution required.
- Security and/or Networking familiarity or understanding in the following preferred:
  - Command line interfaces
  - Knowledge of Linux and Windows Operating Systems
  - Familiarity with DevOps
- Keen ability to diagnose and troubleshoot technical issues, excellent problem-solving skills.
- Experience working with internal and client Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures (i.e. Jira, Confluence, etc.).

If you are seeking a culture that supports growth, fosters success, and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government, and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations – Managed Services, and Identity and Data Management.

With Optiv you can expect

- A company committed to championing Diversity, Equality, and Inclusion through our Affinity groups including Black Employee Network, Disabled Employee Network, Latino Employee Network, Optiv Pride (LGBTQIA+), Veterans Support Network, and Women’s Network.
- Work/life balance.
- Professional training resources.
- Creative problem-solving and the ability to tackle unique, complex projects.
- Volunteer Opportunities. ‘Optiv Chips In’ encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remote/from home (where applicable).
