Siem Engineer Ii

Summary

Join Deepwatch's team of cybersecurity professionals as a SIEM Engineer II. This remote position requires expertise in Google SecOps, Linux administration, and excellent customer interaction skills. You will configure and maintain Google SecOps deployments, troubleshoot issues, collaborate with colleagues, and consult with customers. The role involves advanced troubleshooting, system administration, and acting as an escalation point for the team. Deepwatch offers competitive compensation, stock options, and a comprehensive benefits package.

Requirements

• Have SIEM Certifications (Google SecOps) and/or equivalent demonstrable advanced experience with SIEM administration
• Have your Linux Foundation Certified System Engineer (LFCS) or Red Hat Certified Engineer (RHCE) certification and/or broad demonstrable Linux System Administration skills (e.g., CentOS, RedHat, Ubuntu, etc.) including experience with file permissions, certificates, manipulation & editing of files, system tuning, security permissions, troubleshooting, network connectivity, and automation
• Demonstrate a working knowledge in at least three of the following areas: Enterprise network architecture/administration, Enterprise Network Infrastructure Engineering or administration, Cloud engineering and administration, Endpoint Engineering and Administration, Identity and Access Management, DevOps, Security Operations Center (SOC), or SIEM Architecture and Engineering
• Be comfortable providing customer-facing operational support in cybersecurity or information technology operations
• Communicate effectively and timely in a technical & customer facing environment
• Demonstrate an excellent customer service mentality
• Be self-driven and enjoy solving problems collaboratively
• Have proficient understanding of cloud infrastructure administration (e.g., Google , AWS, Azure, GCP, etc.)
• Demonstrative knowledge of Docker administration
• Demonstrable case management best practices
• Be interested in and able to work remotely from a home office when not at a corporate office
• Pass a pre-employment background and drug screen in accordance with applicable laws
• Have basic experience with: Leveraging configuration management/orchestration tools such as Ansible or AWX, Puppet, Terraform or other
• Programming/scripting tools to help automate routine tasks (e.g., Python, Bash, Powershell, etc.)
• Version control tools (e.g., git,perforce,etc)
• ITIL Service Management or Agile Scrum methodologies

Responsibilities

• Configure, manage, and maintain Google SecOps deployments to include clustering and high availability scenarios in our customer environments
• Monitor and manage performance of deployed Google SecOps systems through various means
• Secure deployed Google SecOps systems and solutions to industry best practices
• Perform advanced troubleshooting, upgrades, and configuration of Google SecOps, including Google SecOps integrations and apps
• Perform advanced troubleshooting, configuration, upgrades, and administration of Linux Operating Systems
• Collaborate with fellow Deepwatch experts to deliver superior efficiencies and enhancements to the customer via the Deepwatch Security Platform
• Consult with customers, in all roles, including leadership, to effectively deliver security solutions, and architecture recommendations
• Be an escalation point for the SIEM Operations and Engineering team; focusing on excellent customer service and triaging of issues strategically in a timely manner
• Prioritize and deliver solutions to deliverables from a wide range of engagements including: Platform Operations and Engineering Management, cases created, and escalations for technical issues
• Be part of the on-call rotation for critical production support outages
• Mentor less experienced engineers, as needed
• Participate in projects/initiatives as needed
• Create and maintain documentation for customer environments, processes and best practices
• Raise environmental and platform risks to management to avoid unnecessary Risk exposure
• Keep up-to-date with information security news, techniques, and trends

Preferred Qualifications

• Basic experience with: Leveraging configuration management/orchestration tools such as Ansible or AWX, Puppet, Terraform or other
• Programming/scripting tools to help automate routine tasks (e.g., Python, Bash, Powershell, etc.)
• Version control tools (e.g., git,perforce,etc)
• ITIL Service Management or Agile Scrum methodologies

Benefits

• Medical, dental, vision, and disability insurance
• Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
• Unique professional development benefits, starting at $3,000 annually
• Wellness contests and monthly educational programs
• 401(K) retirement program with employer match