Experience with one or more products: Observo, Tableau, CrowdStrike NG-SIEM, Splunk, Google SecOps, Palo Alto XSIAM, Elastic, etc.
Bachelor’s degree in a relevant discipline or equivalent experience
Minimum 4 years in an enterprise-level security consultative role building and assessing information security architectures and programs
Prior experience in a corporate operational or technical leadership role
Responsibilities:
Hands-on experience with observability products such as SIEM (Security Information & Event Management), SOAR (Security Orchestration, Automation, and Response), and data stream management tools like Cribl.
In-depth knowledge of log management, monitoring, and alerting techniques.
Experience with setting up, modifying, and tuning alerts within the SIEM to ensure critical threats are identified properly.
Understanding of data ingestion, transformation, and enrichment workflows for integrating various log sources, network telemetry, and security event data into observability platforms.
Ability to work with and understand log parsing, aggregation, and normalization.
Proven track record working in a Security Operations Center (SOC), with direct involvement in threat detection, incident response, and security event monitoring. Strong understanding of SOC workflows and processes.
Ability to communicate clearly and efficiently within the SOC. Must be able to collaborate with internal stakeholders and external vendors.
Comfortable producing clear, concise reports and documentation related to security incidents and system performance.