A Cyber Threat SIEM Content Development analyst plays a critical role in Verizon’s enterprise computing defense. Analysts are considered thought leaders, willing to mentor and advise others, and drive the operational and strategic growth of the organization. This position provides an opportunity to work in a fast-paced, collaborative environment defending Verizon from current and future cyber threats. Specifically, the role will be pivotal in building out the overall detection capabilities for the Threat Management Center within the Splunk ES alerting system. This includes refining current rules and developing the next rules/signatures to further evolve the capabilities of the Threat Management Center. The job requires coding time and an overview of operations, metrics, and investigation into logs.
- Creates and develops correlation and detection rules, utilizing Regex, within Splunk ES to support alerting capabilities within the Threat Management Center
- Reviews current detection rules and, if necessary, changes use case criteria based on metrics and the needs of the Threat Management Center
- Collaborates with the Threat Management Center (TMC) to provide/implement advanced functionality to current toolsets, including custom signatures, alerting mechanisms and use cases developed from intel gathered internally (from the Threat Intelligence group) and from external partners
- Develops metrics resulting from detection and alerting of SIEM and data analytics technologies
- Identifies innovative capabilities, such as custom detection signatures and identification of targeted attacks, leveraging existing Verizon security resources and tools, including Verizon’s customized intelligence platform
- Supports collaboration on the development and maintenance of the TMC security stack, such as new technology solutioning and recommendations for process/procedure changes
- Interfaces with the Threat Management Center teams to identify improvements to detection and alerting capabilities within the SIEM and Data Platforms
- Consumes results of cyber-attacks, indicators, and correlations to assist in identification of attribution and potential threat and impact to Verizon resources
- Bachelor’s degree or four or more years of work experience.
- Four or more years of relevant work experience.
Ideally, you’ll also have:
- Experience working with security tools and technologies to include knowledge management, intelligence management, SIEM, and/or data analytics systems
- Previous Information Assurance or Cyber Experience in the Telecommunications industry
- Previous experience working with SIEM technologies (e.g. Splunk, ArcSight)
- Previous experience with signature-based security technologies (e.g. Snort)
- Ability to comply with any regulatory requirements
- Previous experience working with Database products
- Previous experience with developing Alerts/Rules in varying formats (Boolean, YARA, etc.)
- Previous experience working with event logging systems (Syslog) as well as event logging (Windows, Unix, Linux event logs).
- Demonstrates knowledge and understanding of cyber risks and threats related to cyber attackers
- Strong communication and presentation skills along with the ability to work in a highly collaborative environment
- Strong relationship skills and collaborative style to enable success across multiple partners.
- Demonstrates effective organizational and technical skills
- Effective verbal and written communication skills
- Two or more years of professional experience. This job role is considered experienced, but still a learner with influencing responsibility on junior team members.
- Certification (A+, Network+, Security+, CISSP, GSEC, GCED, GCIA, and GNFA) a plus
- Certification associated with SIEM Vendor technologies a plus
- Exhibit initiative, follow-up and follow through with commitments
- Ability to manage multiple priorities in a high-pressure environment
- Programming and scripting experience, especially Python and Regex; Perl, Java, and related programming languages a plus
Not to boast, but a little bit about us
Verizon powers America’s fastest and most reliable network. We’re also leading the way in cloud and security solutions, Internet of Things and video entertainment. Technology moves fast and so do we. We believe that bringing great ideas and customer experiences to life should be recognized and rewarded. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Click here for more info: http://www.verizon.com/about/work/jobs/6660539-cyber-threat-siem-content-development-analyst