GuidePoint Security
SecOps Observability Engineer - North Central region (Remote in the U.S.)
GuidePoint Security, Chicago, Illinois, United States, 60290
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
Requirements
Hands-on experience with observability products such as SIEM (Security Information & Event Management), SOAR (Security Orchestration, Automation, and Response), and data stream management tools like Cribl.
In-depth knowledge of log management, monitoring, and alerting techniques.
Experience with setting up, modifying, and tuning alerts within the SIEM to ensure critical threats are identified properly.
Understanding of data ingestion, transformation, and enrichment workflows for integrating various log sources, network telemetry, and security event data into observability platforms.
Ability to work with and understand log parsing, aggregation, and normalization.
Proven track record working in a Security Operations Center (SOC), with direct involvement in threat detection, incident response, and security event monitoring. Strong understanding of SOC workflows and processes.
Ability to communicate clearly and efficiently within the SOC. Must be able to collaborate with internal stakeholders and external vendors.
Comfortable producing clear, concise reports and documentation related to security incidents and system performance.
Qualifications
Experience with one or more products: Observo, Tableau, CrowdStrike NG-SIEM, Splunk, Google SecOps, Palo Alto XSIAM, Elastic, etc.
Bachelor's degree in a relevant discipline or equivalent experience
Minimum 4 years in an enterprise-level security consultative role building and assessing Information Security architectures and programs
Prior experience in a corporate operational or technical leadership role