US
0 suggestions are available, use up and down arrow to navigate them
Senior Security Engineer - SIEM and U...

Apply to this job.

Think you're the perfect candidate?

Senior Security Engineer - SIEM and UBEA

Marriott Oklahoma City, OK (Onsite) Full-Time

Job Number 24169211 Job Category Information Technology Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States Schedule Full-Time Located Remotely? Y Relocation? N Position Type Management JOB SUMMARY We are seeking a highly skilled and experienced Senior SIEM and UEBA Engineer to join our cybersecurity operations team. The ideal candidate will have extensive experience in security architecture and engineering, with a strong focus on SIEM, UEBA platforms and log management. Responsibilities include design, implementation, and maintenance of SIEM, UEBA and log management systems. This role will provide engineering support for Insider Threat and Detection Engineering analytics teams to support development of threat detections. CANDIDATE PROFILE Education and Experience Required: Bachelor's degree in Computer Sciences or related field or equivalent experience/certification 3+ years of experience in: Security architecture and engineering experience on SIEM, UEBA, and log collection and management platforms. Scripting language experience (nix shell scripting, Python, PowerShell, etc.) and regular expressions Linux and Microsoft operating systems (advanced knowledge) 5+ years of experience in some or all of the following: Experience working in (or with) security functions such as SOC, CIRT, security engineering, risk management, vulnerability management. Technical infrastructure operations, administration, or systems engineering Preferred Skills/Experience: Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) or an equivalent . Splunk Certification, including Splunk Enterprise Security Certified Admin Cribl Certified Admin: Stream Working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 Working knowledge of the MITRE ATT&CK Framework Exabeam UEBA platform and Advanced Analytics administration Splunk Enterprise platform and Splunk Enterprise Security administration Hands on experience with logging implementations for services/assets incloud service provider platforms (AWS, Azure, GCP) Familiarity with Identity and access management systems, firewalls, next-gen anti-malware, intrusion detection and prevention systems, proxies, reverse proxies, credential vaults, and database fundamentals. Knowledge of IP networking Solid written and verbal communication skills Core Responsibilities What You'll be Doing: Designing, implementing, and maintaining the SIEM, UEBA, and log management systems. Implementing and maintaining data pipelines to analytics platforms to support threat detection with SIEM, UEBA, and other log collection and management tools. Working with Insider Threat, Detection Engineering, and other security analytics teams to support the development of threat detection analytics. This includes integrations, data onboarding, data normalization, and stack tuning, for SIEM and UEBA platforms. You'll also collaborate with other security analytics teams to support data onboarding and other data management work for analytics development in Amazon Security Lake. Collaborating with stakeholders in Global Information Security, Enterprise Architecture and other IT teams on the development of procedures, standards, integration and operability patterns for logging and monitoring. Identifying and resolving escalated engineering-level analytics platform performance and functional problems for SIEM, UEBA, and log management systems. Collaborating with other teams such as Security Architecture, Security Engineering, Policy and Compliance, network operations teams, dev ops teams to ensure the security of our infrastructure through the application of security controls for SIEM, UEBA, and log management systems. Keeping pace with the latest security trends, threats, and technologies and making recommendations for improvements to our security posture. Providing technical guidance and mentoring to junior team members. Creating reports on analytics platform operations, documenting engineering processes, creating SOPs, and presenting findings and issues remediation plans to management and other stakeholders Provide direction and support for the development of platform metrics, dashboards, and reports for analytics platforms to support operational monitoring. Additional Responsibility: Contribute to ongoing development and maintenance of documented standards, workflows, and best practices within the Analytics Platform Engineering discipline. Research emerging threats and adversary tactics, techniques, and procedures to understand the threat landscape and the implications on our analytics platform architecture and configurations to maintain good security posture. Provide governance support for the analytics platforms such as platform management standards and change oversight. Support budgeting work with analysis of analytics platform resource and licensing utilization and forecasted needs. Occasional participation in evaluations of new platforms, technologies and methodologies pertaining to security monitoring. Attend SCRUM and prioritization meetings to review and update deliverables. Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law. Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work," begin your purpose, belong to an amazing global" team, and become the best version of you.

Recommended Skills

  • Administration
  • Architecture
  • Certified Information Security Manager
  • Certified Information Systems Security Professional
  • Coaching And Mentoring
  • Communication

Apply to this job.

Think you're the perfect candidate?

Help us improve CareerBuilder by providing feedback about this job: Report this job

Job ID: U-116087988111

CareerBuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.