LogRhythm / SIEM Administrator
Virtual / Augusta GA
Unisys is a global information technology company that builds high performance, security-centric solutions for the most digitally demanding businesses and governments on Earth. Unisys offerings include security software and services; digital transformation and workplace services; industry applications and services; and innovative software operating environments for high-intensity enterprise computing. We build better outcomes securely for our clients across the Government, Financial Services, and Commercial markets. For more information, visit www.unisys.com.
The primary function of this role is to participate as a senior member of a 24x7 Security Operations Center (SOC) team, delivering the required actions as described within agreed guidelines and following standard procedures to maintain, manage and report on the security event management and infrastructure events of our clients.
- Applying knowledge of a client's security policies and procedures to detect, analyze and prevent both internal and external security breaches using SIEM and other security event monitoring tools
- Research and document appropriate information to support escalations of complex security issues to Senior Analysts or appropriate engineers
- Actively monitor the SIEM/security monitoring tools in order to identify anomalies and other events not automatically detected
- Develop basic SIEM/security monitoring tool event filters
- Lead rule development activities needed to increase detection efficiencies and help in the prevention of malicious attacks
- Provide vulnerability assessment analysis to clients/accounts based on scanning technology output.
- Mentor junior team members
- Experience in networking, operational security management and telecommunications;
- At least 5 years' experience in a security analyst/administrator role in a complex environment;
- Extensive knowledge of security products and network topology;
- Extensive knowledge of TCP/IP and other protocols;
- In-depth knowledge of current Internet security attacks and prevention.
- Experience in security analysis tools such as ArcSight, LogRhythm, QRadar, etc.
- Strong knowledge of leading enterprise commercial firewall technologies (certifications preferred);
- Strong knowledge of structured intrusion detection, tracking and analysis using industry leading commercial technologies (certification preferred);
- Specific knowledge of Windows security issues;
- Specific knowledge of Unix security issues;
- Excellent English communication skills, both verbal and written. Other language skills are an advantage;
LRSA, LRPA, LRSE or LRDE
Do you have what it takes to be mission-critical? Apply Now.
Unisys offers a very competitive benefits package including health insurance coverage from first day of employment, a 401k with an immediately vested company match, vacation and educational benefits. To learn more about Unisys visit us at www.Unisys.com.
Unisys is an Equal Opportunity Employer (EEO). Minorities, Females, Disabled Persons, and Veterans.