Cybersecurity Engineer(Local to SC)
Role details
Job location
Tech stack
Requirements
Bachelor//'s Degree in an Information Technology or Information Security related field (8+ years of relevant work experience may be substituted in lieu of education)
5+ years of experience support large IT environments and/or system deployments
Hands-on experience with Palo Alto Cortex, XSIAM, and Cortex XDR design, implementation, administration and operational support.
Experience engineering and supporting SIEM capabilities for multi-tenant environments and 24x7 Security Operations Center operations.
Experience developing and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, reporting and alert suppression logic.
Experience creating and managing complex playbooks
CRIBL Data Modeling, log pipeline design, parsing, normalization, enrichment, routing and ingestion.
Experience developing automation, integrations, playbooks and response workflows using scripting languages such as Python and Bash.
Experience onboarding and troubleshooting telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows and custom application sources.
Strong understanding of enterprise security architecture, incident response, networking, access control, secure system design and industry-standard cybersecurity frameworks.
Preferred Skills
CISSP, Security+ or GIAC certification
Palo Alto Cortex, Cribl or other relevant SIEM/security platform certification
Hands-on experience operating Cortex XSIAM and Cortex XDR in a large, multi-tenant environment.
Hands-on Cribl administration, data modeling and log pipeline optimization experience.
Experience supporting Tier 1 through Tier 3 SOC analysts, threat hunting, incident response and 24x7 operational handoffs.
Familiarity with industry-standard security and compliance frameworks and experience developing playbooks, runbooks, procedures and technical documentation.