Principal Engineer
GleanSalary not specified
Full Time
Expert & Leadership (9+ years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries
Requirements
- Bachelor of Science degree in Computer Science or related field
- 8+ years of experience in SIEM
- Skilled in both technical and soft skills, driven, proactive, with strong problem-solving, communication, and ability to participate in diverse project teams
- Experience in a large enterprise environment analyzing security event data for attack patterns and understanding attacker tactics
- Experience creating automated log correlations in a SIEM to identify anomalous and potentially malicious behavior
- Working experience with Threat intelligence teams to interpret IOC’s and use them efficiently for alerting
- Experience using multiple online sources to identify new threats
- Understanding of monitoring devices such as firewalls, network and host-based intrusion detection systems, web applications, AV, WAF, Proxy, and operating system logs
- Strong presentation and verbal communication skills
- Availability for US working hours (5PM IST to 3AM IST)
- Work from Office role in Bangalore
Responsibilities
- Serve as subject matter expert for onboarding SIEM components for existing and new clients
- Create technical documentation around the content deployed to the SIEM
- Partner with anomaly detection and incident responders to improve data quality and reduce false positives
- Recognize patterns and inconsistencies that could indicate complex cyber-attacks
- Develop SIEM correlation rules to detect new threats beyond current capabilities
- Manage appliance or virtual appliance OS and SIEM software
- Create innovative solutions to automate and reduce timeframes for operational changes as well as initial installation of the platform
- Create rules for compliance and audit requirements and create and manage Watch Lists for current threats
- Configure backups, verify custom reports, manage log source groups, and validate log sources with the client
- Review and apply newly available and applicable SIEM and/or appliance/virtual appliance software or policy updates monthly
- Perform formal Health Check and administrative password change
- Perform formal Architectural Review
- Create custom rules/rule modifications and custom reports/report modifications as needed
- Manage SIEM user accounts (create, delete, modify, etc.)
- Add/Remove log sources and troubleshoot issues with log sources or systems with the vendor, and report system defects as needed
- Manage product enhancement/feature requests with vendors as needed
- Perform software upgrades, updates, and patches as needed
- Create client-specific Watch Lists if necessary
- Perform technical account management duties for specific top-tier, strategic clients
- Responsible for major SIEM client environmental changes including upgrades
- Create custom documentation for internal and external needs
- Mentor and train SIEM Engineer II employees
- Attend vendor-specific meetings and conferences for business and professional development
- Test and configure new products and technologies
- Work with internal teams and client teams
- Work with service teams to secure various technologies
- Ensure the security of the customer's environment
- Assist with designing and documenting work processes within the SOC
Skills
SIEM
Log Correlation
Threat Intelligence
IOC
Firewalls
IDS
WAF
Proxy
AV
Anomaly Detection
Incident Response
Correlation Rules
Automation
Compliance Rules
Optiv
Cybersecurity advisory and solutions provider
About Optiv
Optiv helps businesses manage and reduce cyber risks by providing advisory services and solutions tailored to their specific needs. Their services cover the entire cybersecurity lifecycle, including strategy development, technology validation, and implementation of security measures. They serve nearly 6,000 clients across various industries, such as retail, manufacturing, and healthcare, ensuring that sensitive information is protected and digital systems remain secure. Unlike many competitors, Optiv focuses on customized solutions and ongoing support, adapting to the evolving cybersecurity landscape. Their goal is to empower organizations to secure their operations effectively and prepare for future challenges in technology, such as AI and IoT.
Denver, ColoradoHeadquarters
2015Year Founded
$12MTotal Funding
ACQUISITIONCompany Stage
Cybersecurity, AI & Machine LearningIndustries
1,001-5,000Employees
Risks
Rising competition from AI-driven cybersecurity firms like Secuvy.
Complexity in managing numerous cybersecurity tools may hinder effectiveness.
Meeting Zero Trust compliance deadlines requires significant investments.
Differentiation
Optiv offers comprehensive cybersecurity solutions tailored to diverse industry needs.
The company excels in Zero Trust architecture implementation for federal agencies.
Optiv's Future Point initiative explores AI, quantum computing, and IoT impacts.
Upsides
Optiv's AI Security Services enhance innovation and efficiency for clients.
Recognition as a leader in IDC MarketScape boosts Optiv's consulting credibility.
Increased cybersecurity budgets reflect growing demand for Optiv's services.
Related Jobs
RemoteRemoteLead Security Engineer
TimescaleSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior SIEM Engineer
Keeper SecuritySalary not specified
RemoteSenior Security Engineer
BraceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteStaff Security Engineer
CVS HealthSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteCorporate Sales Engineer, Next-Gen SIEM - SME Team (Remote)
CrowdstrikeSalary not specified
- Full Time
- Mid-level (3 to 4 years)
RemoteFinancial Operations Principal
AlpacaSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteLearning Experience Designer - ELA & STEM
NewselaSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteTechnical Account Manager
AltiumSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteOnboarding Specialist
RoutableSalary not specified
RemoteSr Manager, Threat Intelligence
UltraViolet CyberSalary not specified
RemoteCloud SDET III - Next-Gen SIEM (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)