Siem Engineer Resume Sample
Work Experience
- Has current working knowledge of various security tools, including firewalls, web proxies, DLP, IDS/IPS, WAF, etc.
- Provides direct administration and ownership of SIEM to include configuration, access control, tuning, integration, and continuous improvement activities
- Build and tune custom cases, dashboards, searches, reports on SIEM platform based on cybersecurity and business needs
- Act as a point of escalation for SIEM and provide guidance and mentoring to associate security engineers/analysts
- Develop and maintain processes/procedures around SIEM based on environmental changes
- Be an ambassador for the Information Security team to other business units
- Uses Splunk and/or Splunk Enterprise Security (ES)
- Evaluate security technology against functional and non-functional requirements
- Document security design/engineering patterns. Evangelize best security practices in implementation, test, and deployment
- Partner with IT delivery teams to ensure successful integration of documented security solutions aligned to project solution requirements
- Contribute to architecture security reviews and consult on creating compliance processes that improve the security of Key’s products, platforms, and services
- Investigate, analyze, and evaluate new technologies and risks
- Identify opportunities for security technology and practices to provide sustainable differentiation from competitors
- Educate Key’s development teams on security technologies and standards at Key
- Identify and design new use cases that address our customer’s needs
- Evaluate existing SIEM content and use cases and adapt them to meet our customer’s goals
- Maintain high awareness of customer service levels when dealing with problems to ensure all SLAs are met
- Act as the subject matter expert for the customer’s SIEM solution
- Identifies innovative capabilities, such as custom detection signatures and identification of targeted attacks, leveraging existing Verizon security resources and tools, including Verizon’s customized intelligence platform
- Perform operational support tasks for Splunk systems, consisting of incident break-fix support and standard service requests
- Contributor works closely with Senior Engineers in supporting existing systems and initiatives
- Responsible for configuration of current enterprise security log source types into the SIEM
- Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel
- Professional experience maintaining SIEM systems
- Professional experience working with networks and network architecture
- Experience with SIEM content creation, dashboard development, and reporting
- Splunk specific requirements
Education
Professional Skills
- Has strong visualization and communication skills enabling translation of complex concepts into practical messaging
- Keen ability to diagnose and troubleshoot technical issues, excellent problem-solving skills
- Demonstrated technical writing skills and the ability to explain complex problems to nontechnical teams
- Very good communication skills and ability to effectively communicate complex messages to stakeholders at all levels
- Strong IBM Qradar and / or Splunk skills
- Prior experience working in a Security Operations Center; working with Endpoint Detection & Response (EDR) products; Elastic Stack, Splunk, or equivalent
- Prior experience working with Endpoint Detection & Response (EDR) products
How to write Siem Engineer Resume
The SIEM engineer role is responsible for security, events, translation, reporting, analysis, messaging, technical work, architecture, training, and integration.
To write great resume for siem engineer job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Siem Engineer Resume
The contact information section is important in your SIEM engineer resume. The recruiter has to be able to contact you quickly if they would like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Siem Engineer Resume
The section work experience is an essential part of your siem engineer resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous SIEM engineer responsibilities. It's meant to present you as a well-rounded candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular SIEM engineer position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Siem Engineer resume experience can include:
- Prior experience working in a Security Operations Center
- Prior experience working with the Elastic Stack, Splunk, or equivalent
- Can effectively work self-sufficiently across a geographically distributed team environment
- Demonstrated experience and success in a Managed Service client environment
- Experience planning, scaling, implementing, monitoring, and troubleshooting a SIEM environment
- Direct experience working with Security Incident and Event Management (SIEM) to include logging and monitoring
Education on a Siem Engineer Resume
Make sure to make education a priority on your siem engineer resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your siem engineer experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Siem Engineer Resume
When listing skills on your siem engineer resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume. Here is a list of typical SIEM engineer skills:
- Strong technical writing skills and the ability to explain complex problems to nontechnical teams
- Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose potential threats and anomalous network behavior
- Excellent communication and customer service skills with references
- Strong written & verbal communications skills (English)
- Administrative experience deploying, configuring, troubleshooting, and maintaining SIEM components
- Engineering experience creating correlation, dashboard, and reporting content using SIEM
List of Typical Experience For a Siem Engineer Resume
Experience For Senior Siem Engineer Resume
- Experience automating tasks using commonly used scripting languages for UNIX/Linux platforms
- Lead engineering team by prioritizing clients work requests, projects, and service tasks
- Experienced with version 6.3 and newer
- Experience with and in a Hadoop ecosystem specific to configuration and data management
- Explain and demonstrate how to use SIEM and Enterprise Security products (LogRhythm focus) to both technical and relatively non-technical personnel
- Explain and demonstrate how to use LogRhythm SIEM and Enterprise Security products to both technical and relatively non-technical personnel
- Explain and demonstrate how to use QRadar SIEM and Enterprise Security products to both technical and relatively non-technical personnel
Experience For Principal Siem Engineer Resume
- ArcSight experience
- Looking for a results oriented, high energy person who takes pride in their work
- Knows Search Processing Language (SPL)
- Knowledgeable of Linux and Windows operating systems (both required)
- Provide technical and operational security support to IT, Engineering, Legal, and business units
- Actively audit log sources to ensure all infrastructure log data is properly flowing into the SIEM
- Create scheduled reports, integration of the SIEM with multiple systems and on-boarding of the log sources
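The log-source audit in the bullets above (checking that every expected feed is still sending data into the SIEM) is worth scripting, because a source that silently stops is the most common way detection coverage degrades without anyone noticing. The following is an added example written for this page, not code from the original listing or from any SIEM vendor: it assumes a hypothetical inventory of expected sources with a maximum acceptable silence per source, and runs over a few constructed syslog-style lines. In practice the last-seen timestamps would come from the SIEM's own source-metadata view rather than raw text, but the classification logic is the same.

```python
"""Log-source health audit: flag SIEM feeds that have gone quiet.

Added example for this page, not code from the original listing or from any
SIEM vendor. The inventory, the silence thresholds and the log lines below are
all constructed for the example.
"""
from datetime import datetime, timedelta, timezone
import re

# Hypothetical inventory: source host -> longest acceptable gap between events.
# A domain controller should log constantly; a nightly backup host will not.
EXPECTED_SOURCES = {
    "dc01": timedelta(minutes=15),
    "fw-edge": timedelta(minutes=5),
    "proxy01": timedelta(minutes=10),
    "backup01": timedelta(hours=26),
    "edr-collector": timedelta(minutes=30),
}

# Constructed RFC 5424-style lines: "<pri>1 <timestamp> <host> <app> ...".
SAMPLE_LOGS = """\
<86>1 2024-03-01T10:00:05Z dc01 sshd 1201 - - Accepted publickey for svc from 10.0.0.8
<134>1 2024-03-01T10:01:10Z fw-edge pan - - deny tcp 203.0.113.7 -> 10.0.0.20:445
<86>1 2024-03-01T10:20:00Z dc01 winlogon - - 4624 logon user=alice
<134>1 2024-03-01T10:02:00Z fw-edge pan - - allow tcp 10.0.0.8 -> 10.0.0.9:443
<86>1 2024-03-01T09:40:00Z proxy01 squid - - GET http://example.test/ 200
<86>1 2024-02-29T09:00:00Z backup01 bacula - - job 77 ok
<86>1 2024-03-01T10:21:00Z vpn02 openvpn - - client 10.8.0.3 connected
this line is not syslog and must not break the audit
"""

# "Now" is fixed so the example is reproducible; use datetime.now(timezone.utc) live.
NOW = datetime(2024, 3, 1, 10, 25, tzinfo=timezone.utc)

LINE_RE = re.compile(r"^<\d{1,3}>1 (\S+) (\S+) ")


def parse_ts(raw):
    """Parse an ISO 8601 timestamp; 'Z' is rewritten for older fromisoformat."""
    return datetime.fromisoformat(raw.replace("Z", "+00:00"))


def last_seen(lines):
    """Return {host: latest event timestamp}, skipping unparsable lines."""
    seen = {}
    for line in lines.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, host = parse_ts(m.group(1)), m.group(2)
        if host not in seen or ts > seen[host]:
            seen[host] = ts
    return seen


def audit(lines, expected, now):
    """Classify every source as ok, silent (stale), missing (never seen) or unexpected."""
    seen = last_seen(lines)
    status = {}
    for host, max_gap in expected.items():
        if host not in seen:
            status[host] = "missing"
        elif now - seen[host] > max_gap:
            status[host] = "silent"
        else:
            status[host] = "ok"
    # Feeds that report but are not in the inventory deserve a look too: an
    # unknown source is usually a system that was never formally onboarded.
    for host in seen:
        if host not in expected:
            status[host] = "unexpected"
    return status


def run_sample_audit():
    return audit(SAMPLE_LOGS, EXPECTED_SOURCES, NOW)


if __name__ == "__main__":
    for host, state in sorted(run_sample_audit().items()):
        print(f"{host:15} {state}")
```

The per-source threshold is the important design choice: a single global "no events in 15 minutes" rule either floods the queue with nightly-batch hosts or misses a firewall that has been dark for an hour.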
Experience For MSS SOC Siem Engineer Resume
- Enjoys working with advanced SQL data structures and queries
- Has a thirst for knowledge and a methodical approach to creative problem solving
- Is willing to obtain and maintain advanced platform-specific certifications
- Monitors, maintains and provisions hardware, software, network firewalls and other security devices, and encryption systems including key management and encryption software
- Proactively hunt for and research potential malicious activity and incidents across multiple platforms using advanced threat network and host-based tools
- Use both internal and external threat intelligence to build indicators of compromise into monitoring tools
- Provide support in the detection, response, mitigation and reporting of real or potential cyber threats to the environment
- Assist with client transition and onboarding; serve as primary point of contact for Managed Security Service clients
Experience For Threat Response Siem Engineer Resume
- Performs procedures of up to high complexity necessary to ensure the ongoing core objectives of IT Security
- SIEM operation and support planning
- Excellent written and verbal communication skills are required. Ability to communicate effectively with business representatives in explaining impacts and strategies when necessary
- Upgrade and patch the SIEM and other security platforms to the latest versions
- Work with internal customers to successfully monitor data sources to meet their organization requirements
- Work with internal customers to develop requirements to meet their security objectives related to Log Management and SIEM
Experience For Qradar Siem Engineer Resume
- Provide the highest level of support for SIEM environment
- Experience with any combination of the following: Syslog, TCP/IP, Networking, Linux/Unix, Windows, OSX, Active Directory, Event Analysis, NIST standards and guidelines, Database Activity Monitoring, MS SQL, Oracle, SAN architecture, firewalls, IPS/IDS, A/V, advanced networking
- Knowledge of core security principles and tool management that is product agnostic
- Provides leadership and guidance to enhance and advance the defensive capabilities of the Threat Management Center (TMC) and its ability to defend XPO Enterprise
- Previous Information Assurance or Cyber Experience in the logistics industry
- Manage multiple priorities in a high-pressure environment
Experience For Principal Logrhythm Siem Engineer Resume
- Advanced information security knowledge in one or more areas such as enterprise endpoint security products (e.g. McAfee ePolicy Orchestrator, VirusScan, Anti-Spyware, Host Data Loss Prevention, Endpoint Encryption, etc.)
- Security Information and Event Management (SIEM) products, e.g. NitroSecurity, ArcSight, Q1 Labs, RSA enVision; network firewall, web proxy, e-mail and web gateway products, e.g. Palo Alto, Check Point, Juniper, McAfee, Cisco, Blue Coat, Imperva
- ArcSight Administration version 6.0+
- Act as the local subject matter expert and ambassador for our global SIEM solution
- Actively engage with the SOC on potential issues and items to investigate
- Maintain SIEM operations, documentation and knowledge of the latest active security threats
- Implement analytics-based rules to enhance and maintain visibility for the Information Security team across endpoint & network activity and audit logs
Experience For Principal Qradar Siem Engineer Resume
- Implement and communicate best practice on SIEM and Enterprise Security products to both technical and non-technical personnel
- Provide investigative support via SIEM to SOC and Security Analysts
- Off-hours and Weekend support as required to support investigations and SIEM upgrades
- Experience building, implementing and tuning SIEM event correlation rules, logic, and content in a large environment to filter out false positives and known errors
- Experience creating scheduled and ad-hoc reporting with SIEM tools
- Strong knowledge of networking and web-related protocols, open-source command line utilities and scripting languages, network security controls, and log management and SIEM solutions (e.g. ArcSight, ELK, syslog-ng, etc.)
- Experience with computer forensics and investigations
- Experience with change management policies and procedures
- Experience with Cloud services such as Azure, Softlayer, or AWS
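The bullets above on building and tuning correlation rules to filter out false positives, and the earlier bullet on building threat-intelligence indicators of compromise into monitoring tools, describe the two most common kinds of SIEM content. The following is an added example for this page, not the original listing's code or any vendor's rule language: two rules run over a constructed authentication event stream, a brute-force rule (five failures from one source within ten minutes followed by a success) and an IOC rule (source IP inside a threat-intel network list), with a suppression list standing in for the tuning step. The threshold, window, IOC networks and the suppressed scanner address are all assumptions.

```python
"""Two SIEM correlation rules over a constructed auth event stream, with tuning.

Added example for this page, not the original listing's code or any vendor's
rule language. Events, IOC list, suppression list, threshold and window are
all constructed or assumed for the example.
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone
import ipaddress


def _t(hhmm):
    h, m = hhmm.split(":")
    return datetime(2024, 3, 1, int(h), int(m), tzinfo=timezone.utc)


def _burst(src, user, start, n):
    """n failures one minute apart from `start`, then a success: (ts, src, user, outcome)."""
    evs = [(start + timedelta(minutes=i), src, user, "fail") for i in range(n)]
    evs.append((start + timedelta(minutes=n), src, user, "success"))
    return evs


# Constructed event stream.
EVENTS = (
    _burst("203.0.113.7", "admin", _t("09:00"), 5)       # external brute force that succeeds
    + _burst("10.0.5.50", "svc-scan", _t("09:10"), 5)    # authorised scanner: same shape, benign
    + [(_t("09:30"), "198.51.100.9", "bob", "success")]  # one clean logon from an IOC-listed IP
    + [(_t("09:40") + timedelta(minutes=15 * i), "10.0.0.8", "alice", "fail") for i in range(5)]
    + [(_t("10:45"), "10.0.0.8", "alice", "success")]    # slow failures: window expires, no alert
)

# Constructed threat-intel feed (internal and external indicators merged).
IOC_NETWORKS = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "192.0.2.44/32")]

# Tuning: sources allowed to fail logons at volume (here the vulnerability scanner).
SUPPRESS_BRUTE_FORCE = {"10.0.5.50"}

FAIL_THRESHOLD = 5              # assumed
WINDOW = timedelta(minutes=10)  # assumed


def rule_brute_force(events, threshold=FAIL_THRESHOLD, window=WINDOW,
                     suppress=SUPPRESS_BRUTE_FORCE):
    """Alert when one source has >= threshold failures inside `window` and then succeeds."""
    alerts = []
    fails = defaultdict(list)
    for ts, src, user, outcome in sorted(events, key=lambda e: e[0]):
        if src in suppress:
            continue
        # Slide the window: keep only failures still inside it.
        fails[src] = [t for t in fails[src] if ts - t <= window]
        if outcome == "fail":
            fails[src].append(ts)
        elif outcome == "success" and len(fails[src]) >= threshold:
            alerts.append({"rule": "brute_force_success", "src": src, "user": user, "at": ts})
            fails[src].clear()  # one alert per burst, not one per later success
    return alerts


def rule_ioc_match(events, networks=IOC_NETWORKS):
    """Alert on any event whose source IP falls inside a threat-intel network."""
    alerts = []
    for ts, src, user, outcome in events:
        ip = ipaddress.ip_address(src)
        if any(ip in net for net in networks):
            alerts.append({"rule": "ioc_source_ip", "src": src, "user": user,
                           "at": ts, "outcome": outcome})
    return alerts


def run_rules(events=EVENTS):
    """Run all rules; in a real SIEM each would be a scheduled or streaming search."""
    return rule_brute_force(events) + rule_ioc_match(events)


if __name__ == "__main__":
    for a in run_rules():
        print(a)
```

Running rule_brute_force with an empty suppression set shows why the tuning step matters: the authorised scanner produces exactly the same event shape as the attacker and would fire the same alert. Suppressing by source rather than by user keeps the rule intact for anyone else who tries the scanner's account.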
Experience For Principal Qradar Siem Engineer Resume
- A results oriented, high energy individual who takes pride in their work
- Create, modify and tune the system rules to adjust the specifications of alerts and incidents
- Ensure conversion and configuration of the use cases to SIEM rules
- Perform maintenance and administration (software updates, troubleshoot issues etc.) of the SIEM components
- Develop, implement, and execute the standard procedures for the administration, backup, disaster recovery, and operation of the ArcSight SIEM system's infrastructure, including operating system security hardening
- Guide the design, development and review of complex security LogRhythm SIEM content
Experience For Siem Engineer Resume
- Implement and configure LogRhythm SIEM software and appliance-based products in large enterprise and Government environments
- Guide the design, development and review of complex security QRadar SIEM content
- Implement and configure QRadar SIEM software and appliance-based products in large enterprise and Government environments
- Professional security certifications (Security+, GCIA, CEH, CISSP, etc)
- Experience in systems administration and security aspects of information systems, computer networking, telecommunications, systems development and management; significant experience with multiple technical and business disciplines required
- SANS or other Security industry certifications such as GIAC, GSEC, GCIA, GCIH, GREM, GPEN or OSCP is preferable but not required
- Deep understanding of cybersecurity threats and enterprise defenses; the ideal candidate will have prior experience as a security analyst/engineer/architect, penetration tester, or related position
Experience For Senior Siem Engineer Resume
- Experience working with Internal and client Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures. (i.e. Service Now, Jira, Confluence, etc.)
- Enjoys working as part of a high-performance team
- Hold LogRhythm certifications: LRPA and LRSE
- Is a passionate, modern security practitioner with knowledge across multiple cyber security domains and technology
- Understands in detail how the SIEM platform supports and enables the Security Event Analyst's success
List of Typical Skills For a Siem Engineer Resume
Skills For Senior Siem Engineer Resume
- Document actions in cases to effectively communicate status and outcomes
- Experience designing, implementing and managing (processes, technology, governance model, people) Security Operation Center is required
- Strong understanding of TCP/IP and underlying network protocols
- Experience of managing and delivering changes
- Professional experience supporting and maintaining SIEM systems
Skills For Principal Siem Engineer Resume
- Experience in engineering design and/or implementing complex Big Data management solutions
- Administer, operate, and maintain SIEM environment, including installation, configuration, tuning, and maintenance of SIEM components
- Excellent analytical, problem-solving and decision-making capabilities
- Good understanding of other technologies (e.g. firewalls, proxies, IDS/IPS)
- Experience of delivering Cyber Security projects
- Extensive knowledge and experience of configuring any SIEM toolset (e.g. QRadar, Splunk)
Skills For MSS SOC Siem Engineer Resume
- Operational and technical experience with all of the following or their industry equivalents
- Solid understanding of network transport protocols and services (TCP/IP, Syslog, ODBC, SFTP, SSH, PKI, etc.)
- Experience managing multiple projects, deadlines, and resources
- Professional experience writing SIEM content
- Experience with basic tuning of SIEM content
- Experience with SIEM content creation and reporting
- Experience working with clients in a service delivery function
- Solid working knowledge with MS Office
- Experience with AWS, Azure, or other leading cloud provider
Skills For Threat Response Siem Engineer Resume
- Working experience with a major vendor SIEM product (QRadar, STRM, ArcSight, McAfee, Splunk, LogRhythm, EMC RSA) as a SIEM engineer at a senior level
- Working experience with a major vendor SIEM product either as a SOC Analyst or as a SIEM Admin
- Has experience in supporting security technologies and SIEM related tasks
- Experience of integrating the SIEM with other systems (Vulnerability scanner, AD, etc.)
- Experience and capability translating business-driven use cases into QRadar SIEM rules
- Hands on IT security engineering and/or architecture experience
- Proven ability to support large scale Splunk or similar event logging solutions (ArcSight, QRadar, LogRhythm, etc.)
- Strong knowledge of multiple security platform administration and/or engineering
Skills For Qradar Siem Engineer Resume
- Good command of Python, Perl, SQL, regex and/or shell scripting is required
- Advanced knowledge of content creation concepts and best practices as well as networking experience
- Previous experience working with SIEM technologies (e.g. Splunk)
- Previous experience working with Database products
- Demonstrates knowledge and understanding of IT infrastructure related to cyber threats (IDS, HIDS, Firewall, Proxy, etc.)
- Experience administering SIEM technologies in a complex global environment
- Experience within Security Operations or a similar role
- Strong knowledge of Security terminologies
Skills For Principal Logrhythm Siem Engineer Resume
- Experience with industry recognized SIEM solutions
- Experience with NAC and web proxy solutions (ForeScout, Blue Coat, etc.)
- Experience in capacity planning, health monitoring, and operations
- Experience with security operations, incident Response and Log Analytics
- SOC or Incident Response experience
Skills For Principal Qradar Siem Engineer Resume
- Excellent aptitude for problem solving and IT Security
- Experience handling multiple projects, deadlines, and resources
- Experience working as a member of a geographically diverse team
- Work experience in Information Technology
- Understanding of networking basics (TCP/IP, OSI, HTTP, SMTP, etc.)
- Understanding of Unix/Linux and Windows operating systems
Skills For Principal Qradar Siem Engineer Resume
- Understanding of network appliances and architecture
- Understanding and knowledge of the principles of log management and preferably the McAfee ESM SIEM toolset
- Create a collaborative environment that encourages growth and information sharing, including mentoring and educating team members
- Assist in troubleshooting and problem solving a wide variety of client issues and issues affecting the security of our computing resources
- Passion for learning and figuring out how things work
- Shell scripting or automation of tasks using Perl, Python, Ruby, Powershell, bash, etc
- A moderate understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
- Perform security gap analysis in support of new products as well as the tuning of existing tools
Skills For Siem Engineer Resume
- Review current reporting and compliance goals, and verify reports to ensure they are meeting these goals
- Contribute to requirements gathering and PoCs during the sales process
- Provide direction on governing policies, processes, procedures, and best practices
- Collaborate with management on process improvement, documentation and definition for SIEM management and monitoring
- Knowledge of any scripting languages (Python, Perl, Shell, VBA etc)
- Knowledge and understanding of Windows and
Skills For Senior Siem Engineer Resume
- Create and fine-tune security event alerting use cases
- Establish operating processes for advanced SIEM environments
- Create best practices in this rapidly evolving area
- On-Demand Ad-hoc reporting (one-time reports)
- Shift flexibility, including the ability to provide after-hours support when needed
List of Typical Responsibilities For a Siem Engineer Resume
Responsibilities For Senior Siem Engineer Resume
- Performing malware and forensic analysis including memory capture and analysis
- Supporting Linux and Windows based platforms
- Deep understanding of network transport protocols and services (TCP/IP, Syslog, ODBC, SFTP, SSH, PKI, etc.)
- Analyzes emerging technology trends with security vendors and SMEs
- Policy implementation and maintenance specific to the SIEM platform
- Close communication with the Cyber Defense Center, Incident teams, and SIEM stakeholders
Responsibilities For Principal Siem Engineer Resume
- Shift flexibility, including the ability to provide on-call support when needed
- Demonstrated experience and success in a Managed Service client environment
- Valid driver's license
- Ability to work more than 40 hours per week as needed
Responsibilities For MSS SOC Siem Engineer Resume
- Demonstrated understanding of Information Security regulations, frameworks, requirements etc. and how to map a client’s security needs to a SIEM solution required
- Experience with various other SIEM security products such as: QRadar, LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc
- Develop and maintain Python scripts
- An understanding of a wide array of server grade applications such as DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others
- Experience with various SIEM security products such as ArcSight, QRadar, Nitro, Splunk, LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc
- Well known protocols and services (FTP,HTTP,SSH,SMB,LDAP)
- Packet Analysis Tools (TCPDUMP, Wireshark, Ngrep)
- Experience with various SIEM security products such as: LogRhythm, ArcSight, QRadar, Nitro, Splunk and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc
Responsibilities For Threat Response Siem Engineer Resume
- Professional experience in the cyber security field
- Develops & executes security controls, defenses & counter measures to intercept & prevent internal/external attacks or attempts to infiltrate company systems
- Researches attempted and/or successful efforts to compromise systems security & designs countermeasures
- Examine and understand threats at the packet level, in various applications, and databases as well as an understanding of how the technologies communicate
- Administers security policies to control physical & virtual access to systems, encryption of sensitive & confidential data, software patching, security penetration tests & other policies enforced by infrastructure components
- Understanding of Info Security Compliance, Design & Administration
- Monitors security toolsets and administers information security processes and policies
- Completes customer and vendor assurance projects; assists end users with issues related to security products
Responsibilities For Qradar Siem Engineer Resume
- Works with systems or applications teams to understand compliance requirements
- Coordinates & analyzes compliance with regulations
- Design & architect new information security infrastructure solutions
- Designs and/or adapts security policies
- Report common and repeated problems (trend analysis) to management and propose process and technical improvements
- Identify security goals, objectives and requirements for continuous improvement of services
- Maintain, monitor and investigate audit logs with a strong ability to perform in-depth security forensics to effectively identify and manage suspicious activity
Responsibilities For Principal Logrhythm Siem Engineer Resume
- Provide written and verbal reports and updates to customers/business units
- Develop and maintain up-to-date run-books and/or standard operating procedures so they stay relevant, address current and emerging threats and technology, meet industry standards, and improve continuously
- Create and Follow Use Cases for alerts for security events
- Guide the design, development, and review of complex security SIEM content
- Develop use cases, rulesets, and content definitions based on numerous intelligence and detection products
- Design, develop and review complex SIEM content based on endpoint events, network events, and threat intelligence
- Work with security analysts, intelligence analysts, SIEM engineers, and customers to continuously improve published content
Responsibilities For Principal Qradar Siem Engineer Resume
- Manage a content library on multiple platforms for hundreds of unique customer environments
- Follow change/release management procedures applicable for production environments
- Relevant IT certifications such as CCNA, CCNP, etc
- Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
- Experience with enterprise Security Information Management Systems, log storage, behavioral analytics design, testing, development, migration, and integration
- Experience with Linux operating system (OS) administration and TCP/IP fundamentals (including the OSI layers), plus scripting and automation skills (Bash, Perl, etc.)
Responsibilities For Principal Qradar Siem Engineer Resume
- Expertise in Splunk & other similar marketplace products
- Be hands–on in management of SIEM infrastructure including deployment and configuration, log on-boarding and parsing, reference data management, and integration with other security tools
- Liaise with the Security Operations Center to develop detection capabilities
- Performs basic to complex security reviews to ensure compliance with internal security standards and regulatory requirements
- Recommends new policies and procedures to management and has wide latitude to decide on the best course of action for new procedures
- Recommends course of action for low to moderately complex situations
- Serves as technical lead on functional teams or projects and serves as a best practice / quality resource
- Acts as a subject matter expert for at least one area within IT Security (ITIM, SOC, etc.) to ensure that the user community understands and adheres to necessary procedures to maintain security
Responsibilities For Siem Engineer Resume
- Investigates and resolves security incidents as needed
- Ensures that IT Security architecture / designs, plans, controls, processes, standards, policies, and procedures are aligned with IT standards and overall IT Security objectives
- Identifies security risks and exposures, determines the causes of security violations, designs and implements procedures to prevent and mitigate future incidents
- Explain and demonstrate how to use Splunk SIEM and Enterprise Security products to both technical and relatively non-technical personnel
- Configure backups, verify custom reports, manage log source groups, and validate log sources with the client
- Experience with Remedy/ServiceNow/JIRA
- Experience as a Windows Server Administrator or Linux/Unix system administrator
- Proficient with standard office tools (Internet, e-mail, MS Office products); advanced knowledge of Excel and sound knowledge of PowerPoint required
Responsibilities For Senior Siem Engineer Resume
- Hands on experience on QRadar SIEM deployment, configuration and maintenance is highly desired
- Malware analysis experience
- Develop and deploy Splunk SIEM content and reporting
- Subject matter expert for onboarding SIEM components for new MSS clients
- Working in IT security role of any kind