Security Engineer

Security Engineer for Splunk Security Information and Event Management (SIEM)

• Perform Tier 1 monitoring and security incident triage through the review of SIEM events, network traffic data collection, and endpoint activity logs
• Identify and collect data associated with initial security investigation findings through Splunk and Splunk SOAR platforms
• Document and track investigations to resolution, along with potential escalation to incident responders for advanced analysis
• Monitor security event and incident detection systems, including SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention System), and other security tools
• Identify and investigate potential security incidents and events, performing initial triage and analysis to determine the severity and impact
• Escalate and report security incidents to higher-level analysts or incident response teams as necessary
• Assist in the development and maintenance of security policies, procedures, and documentation
• Monitor and analyze network traffic for security events and anomalies, utilizing both automated tools and manual analysis techniques
• Collaborate with other teams to ensure timely and effective response to security incidents