Work Schedule
Standard (Mon-Fri)
Environmental Conditions
Office
Job Description
When you join us at Thermo Fisher Scientific, you'll be part of a hard-working, driven team that shares your passion for exploration and discovery. With annual revenues over $40 billion and the most significant investment in R&D in the industry, we give our more than 100,000 colleagues the resources and chances to create meaningful contributions to the world.
Summary
Discover Impactful Work: As a SIEM Engineer, you have a global responsibility for enabling cybersecurity response within the Corporate Infrastructure & Security (CIS) team. In this position, you will play a meaningful role in building and maintaining cybersecurity audit log delivery pipelines and developing searches, alerts, and dashboards within a cloud SIEM environment. Collaborating with Cybersecurity Operations, you'll help us proactively identify and respond to potential threats to keep our organization secure.
A Day in the Life:
Log Pipelines: Map out and help maintain audit log collection, transformation, and delivery to cloud SIEM and/or data lakes for long-term retention and regulatory compliance.
Writing Queries: Build sophisticated search queries to find vital log activity and dynamically join diverse datasets together to present patterns of activity.
Alerting and Dashboarding: Develop new alerting mechanisms tailored to our security landscape within our SIEM platform. Build insightful dashboards that provide clear visualizations of security metrics.
Systems Administration: Support a large AWS cloud environment of Unix systems running the log collection backbone.

Keys to Success:
Cross-Team Collaboration: Liaise with SOC analysts, security engineers, and incident responders to understand critical processes and craft effective automations.
Documentation and Training: Ensure documentation and processes are well defined so that the engineered solutions are understood and repeatable.
Ensure solutions are well built, backed up & restore tested, and consistently maintained for health.
Problem Solving & Communication: Excellent analytical and problem-solving skills. Ability to communicate technical concepts to different audiences.

Education
Bachelor's Degree in cybersecurity, computer science, systems engineering, or related field. Equivalent work experience is acceptable.
Certifications not required, but encouraged: Splunk Cloud Certified Admin, Splunk Enterprise Security Certified Admin, AWS Solutions Architect, AWS Cloud Security Engineer

Experience
2+ years of experience in a security engineering role with a focus on Splunk Cloud & engineering and development. Experience maintaining Splunk forwarders, fleets of apps and add-ons, handling configuration and version upgrades.
2+ years of experience managing Splunk Enterprise Security development and tuning. Experience developing RBA use-cases, data normalization, and assets & identities configuration.
At least two years experience in AWS/Cloud-native platforms

Knowledge, Skills, Abilities
In-depth knowledge of SOAR platforms (Splunk SOAR/Phantom, Palo Alto XSOAR, Swimlane, etc.).
Strong scripting skills in Python or other relevant languages.
Understanding of network security protocols, threat intelligence sources, and incident response methodologies.

Apply today! http://jobs.thermofisher.com