Info Sec Logging Specialist, Cybersecurity in Charlotte, North Carolina at AccruePartners

Date Posted: 7/13/2020

Job Description

AccruePartners values our contract and consulting employees. We offer a competitive benefits package to meet the diverse needs of all of our contractor and consulting employees and their family members. Here is a listing of what our company offers: 401(k), Medical, Dental, Vision, Life Insurance, Employee Assistance Program, Medical and Prescription Drug, Short- and Long-Term Disability Insurance.

THE TEAM YOU WILL BE JOINING:

  • Fortune 100 Financial Services Company
  • 100-year history of dedication to customer satisfaction, success and growth
  • Tremendous growth and new business strategy leading to the need for new talent
  • Significant investments in cutting-edge technology

WHAT THEY OFFER YOU:

  • Culture: Excellent work environment that fosters collaboration
  • Growth: Ability to make an impact on the direction of the organization
  • Opportunity: Gain hands-on experience working with cutting-edge technology
  • Stability: Recent financial performance of the company has reported record profits

WHERE THE POSITION IS LOCATED:

  • Charlotte, NC

WHY THIS ROLE IS IMPORTANT:

  • Assist in enterprise log management and orchestration efforts for cybersecurity-specific logs, ensuring proper onboarding, normalization, monitoring and SIEM management of those logs.
  • Reduce security-relevant raw events into actionable items for Security Event Detection and Incident Response.
  • Collect, store and process raw data and information in support of intelligence generation.
  • Analyze security events, investigate potentially compromised endpoints, and drive security incidents to resolution.
  • Proactively hunt for and analyze unidentified threats in the environment.

THE BACKGROUND THAT FITS:

  • 4+ years information security experience.
  • 1+ Year working with Security Operations Centers.
  • Knowledge of common operating systems, with experience performing endpoint investigations and forensic examinations.
  • Technical knowledge and some experience in handling/investigating security incidents.
  • Must have strong verbal and written communication skills, with equally strong multi-tasking and documentation skills.
  • Experience with enterprise information security data management and log aggregation tools.
  • Knowledge of the TCP/IP protocol suite.
  • Proficiency with Windows and UNIX.
  • Strong problem-solving skills.
  • Proficiency with regular expressions (regex).
  • Proficiency in Python.
  • Industry-recognized information security certifications are preferred, but not required.
  • Experience creating new security alerts, reports, or other monitoring capabilities.
  • Experience in scripting languages such as (or similar to) Python, Perl, and Ruby.
  • 7+ years’ experience in information technology
  • 2+ years’ experience in information security
  • Experience in managing, engineering, or developing content for centralized logging solutions (e.g., Splunk, ArcSight, ELK, Graylog).
  • Familiarity with a broad range of security technologies and how they function, as well as non-security devices and how their log outputs can indicate security incidents.
  • 2+ years in log review, analysis, and design of searches / alerts to bring actionable intelligence from logs
  • 2+ years SIEM (Splunk ES) content development experience
  • Understanding of Splunk engineering a plus
  • Excel or other data wrangling and visualization skills.
  • Ability to identify both tactical and strategic solutions.
  • 1+ years SIEM (Splunk ES) content development experience
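The duties listed under "why this role is important" (onboarding and normalizing logs, reducing raw events into actionable items) and the requirement above for designing searches and alerts that bring actionable intelligence from logs, in concrete form. This is an added example, not part of the posting and not the employer's tooling. It uses regex and Python, both required above, to normalize two constructed log sources (a flat Windows Security export and a Linux sshd syslog stream; the field layout, the 2020 year assumed for syslog timestamps, and the thresholds are all assumptions) into one schema, then applies a correlation rule that fires only when a burst of failed logons from one source is followed by a success. That is the kind of reduction that turns thousands of Event ID 4625 records into a single actionable alert.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional

# Constructed sample events (not real logs): a Windows Security export in a
# flat key=value form and a Linux sshd syslog stream. The field names, the
# 2020 year assumed for syslog lines, and the thresholds are assumptions.
WINDOWS_EVENTS = [
    "2020-07-13T10:00:01Z EventID=4625 Account=svc_backup SourceIP=10.1.2.3 LogonType=3",
    "2020-07-13T10:00:02Z EventID=4625 Account=svc_backup SourceIP=10.1.2.3 LogonType=3",
    "2020-07-13T10:00:03Z EventID=4625 Account=svc_backup SourceIP=10.1.2.3 LogonType=3",
    "2020-07-13T10:00:04Z EventID=4625 Account=svc_backup SourceIP=10.1.2.3 LogonType=3",
    "2020-07-13T10:00:05Z EventID=4625 Account=svc_backup SourceIP=10.1.2.3 LogonType=3",
    "2020-07-13T10:00:09Z EventID=4624 Account=svc_backup SourceIP=10.1.2.3 LogonType=3",
    "2020-07-13T10:05:00Z EventID=4624 Account=jdoe SourceIP=10.9.9.9 LogonType=2",
]
SYSLOG_EVENTS = [
    "Jul 13 10:01:00 bastion sshd[2211]: Failed password for root from 203.0.113.7 port 50122 ssh2",
    "Jul 13 10:01:03 bastion sshd[2211]: Failed password for root from 203.0.113.7 port 50123 ssh2",
    "Jul 13 10:30:00 bastion sshd[2400]: Accepted publickey for deploy from 10.0.0.5 port 41000 ssh2",
]


@dataclass
class Event:
    """Normalized authentication event shared by every log source."""
    ts: datetime
    source: str    # "windows" or "syslog"
    user: str
    src_ip: str
    outcome: str   # "success" or "failure"


@dataclass
class Alert:
    """Actionable item: a burst of failures followed by a success."""
    user: str
    src_ip: str
    failures: int
    first_failure: datetime
    success_at: datetime


WIN_RE = re.compile(
    r"^(?P<ts>\S+) EventID=(?P<eid>\d+) Account=(?P<user>\S+) SourceIP=(?P<ip>\S+)"
)
# Windows logon outcome by Event ID; any other ID is not an authentication event.
WIN_OUTCOME = {"4624": "success", "4625": "failure"}

SSH_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)


def parse_windows(line: str) -> Optional[Event]:
    """Map a Windows 4624/4625 record onto the common schema; skip everything else."""
    m = WIN_RE.match(line)
    if not m or m["eid"] not in WIN_OUTCOME:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return Event(ts, "windows", m["user"].lower(), m["ip"], WIN_OUTCOME[m["eid"]])


def parse_syslog(line: str, year: int = 2020) -> Optional[Event]:
    """Map an sshd syslog line onto the common schema (syslog carries no year)."""
    m = SSH_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
    outcome = "failure" if m["outcome"] == "Failed" else "success"
    return Event(ts, "syslog", m["user"].lower(), m["ip"], outcome)


def normalize(windows_lines, syslog_lines) -> List[Event]:
    """Onboard both sources into one time-ordered stream of Event records."""
    events = [e for e in map(parse_windows, windows_lines) if e]
    events += [e for e in map(parse_syslog, syslog_lines) if e]
    return sorted(events, key=lambda e: e.ts)


def detect_bruteforce_success(events, threshold: int = 5, window_seconds: int = 300) -> List[Alert]:
    """Raise one Alert per (user, source IP) when >= threshold failures inside the
    window are followed by a success; failures alone never page anyone."""
    window = timedelta(seconds=window_seconds)
    recent_failures = defaultdict(list)   # (user, src_ip) -> failure timestamps in window
    alerts = []
    for e in sorted(events, key=lambda e: e.ts):
        key = (e.user, e.src_ip)
        fails = [t for t in recent_failures[key] if e.ts - t <= window]
        if e.outcome == "failure":
            fails.append(e.ts)
        elif len(fails) >= threshold:
            alerts.append(Alert(e.user, e.src_ip, len(fails), fails[0], e.ts))
            fails = []   # one burst yields one alert, not one per later success
        recent_failures[key] = fails
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce_success(normalize(WINDOWS_EVENTS, SYSLOG_EVENTS)):
        print(f"ALERT {a.user}@{a.src_ip}: {a.failures} failures from "
              f"{a.first_failure} then success at {a.success_at}")
```

Run directly, the script prints a single alert for svc_backup from 10.1.2.3; the two root failures on the bastion never fire because no success follows them, and the lone successes produce nothing. In a SIEM such as Splunk ES the same rule would be a scheduled correlation search rather than a script, but the normalization step (mapping Event ID 4625 and "Failed password" onto one outcome field) is the same onboarding work the role describes.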