What are the responsibilities and job description for the Security Engineer position at MGT?
Responsibilities:
Design and implement various engineering solutions by working with other stakeholders.
Leverage industry trends and market research to adopt the best practices to enhance the SIEM and SOAR platforms.
Experience with building and managing Security Data Lake and Data Warehouse.
Define SIEM and SOAR platform standards including data schema, modelling, normalization, monitoring and alerting.
Define standard patterns to integrate different systems into SIEM platforms
Ability to develop different scripts and products RegEx for configuring policy to detect security alerts as per threat, anomaly, etc.
Ability to conduct fraud analysis and threat detection.
Generate different types of reports using SIEM & SOAR data
Identify opportunities to enhance the current baseline processes and configuration
Produce engineering, integration and process related documentation.
Manage vendor relationships to drive roadmap, solution design, implementation and troubleshooting
Work with key stakeholders of the services to ensure the expectations are meeting the requirements
Knowledge of various applications and systems that include Servers, security platforms, middleware, Clouds (SaaS, PaaS and IaaS), Containers, etc. to come up with the right approach of SIEM integration
Ability to understand security risks and controls, to analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-justified solution
Ability to provide technical directions to other peer staff members, and to train new staff on the security team
Qualifications:
At least 5 years of experience in technology with emphasis on cyber security.
At least 3 years of experience in SIEM and SOAR products such as Splunk, Elastic, Datadog, Cribl, etc.
At least 1 years of experience in Data Lake and data warehouse using products such as AWS S3, Snowflake, Databricks, etc.
Experience with scripting is highly preferred like Python, Ansible etc.
Experience in creating trending, metrics, and management reports
Working knowledge in RegEx, Splunk search language, etc. is required.
Knowledge and experience operating in a hybrid-cloud environment.
Knowledge of modern security principles and their practical applications.
Knowledge and experience in AWS or Azure
Knowledge and experience with programming language to automate tasks (e.g. Python or PowerShell)
Education:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications. Equivalent work experience is equally preferable.
Preferred Certifications:
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Manager (CISM)
Certified Information System Auditor (CISA)
Certified Ethical Hacker (CEH)
