SIEM Security Engineer

3012247

Company Overview:

ADT has been in the business of helping save lives since 1874. As the #1 smart home security provider in the U.S., we help protect and connect families, businesses and larger commercial customer every day. Our continuous innovation, advanced technology and strategic partnerships deliver products and services that help protect life and valuables, whether at home, your business or on the go. And as times change, so do we. Above all, our mission is clear: we help save lives for a living. Looking for a career where you can make a real impact? Join our team today and put purpose behind your paycheck. #WeAreADT

Check out more about life at ADT here.

Responsibilities:

• Serve as the Subject Matter Expert of the SIEM solution such as Splunk, Sumo Logic, XSIAM, Chronicle, Exabeam, and Endpoint Logging.
• SIEM configuration and content management - creation of advanced searches, alerts, and reports to enhance SOC efficiency.
• Creation of dashboards and reports for both technical and non-technical users and leadership.
• Monitor endpoint logging, ensuring coverage across the enterprise.
• Tune, optimize, and normalize logging for efficiency and cost-savings.
• Creation of threat detection rules using data from firewalls, IDS, Antivirus/EDR, DLP, WAF, Netflow, Vulnerability Management, System Event Logging, and Cloud Security Platforms.
• Creation of technical documentation detailing playbooks, workflows, queries, and more.
• Research latest threats and attack tactics - implement defensive measures and response procedures to reduce potential impact.
• Provide solutions to improve secure configuration and hardening of endpoint systems, perimeter networks, and cloud technologies.
• Perform technical analysis of malware and network/web application attacks and other suspicious activities.
• Use the Incident Response Lifecycle to guide your work tasks and implement processes and procedures.
  
  

Education and Experience:

• Certified Information Systems Security Professional (CISSP) or Equivalent preferred.
• SANS and/or Advanced GIAC certifications desired.
• Bachelor’s degree in Computer Science or a related technology field or equivalent in comparable work experience within the network or security field preferred.
• Extensive experience maintaining, optimizing, and troubleshooting SIEM solutions.
• Extensive experience with network security devices such as firewalls, Intrusion Detection/Prevention, web application firewalls, Wireless Intrusion Prevention, Vulnerability Management.
• Extensive experience with Palo Alto Networks solutions strongly desired.
• Experience with information security incident response and risk mitigation.
• Experience in Linux and Windows system administration and security.
• Familiarity with compliance frameworks such as SOC2, SOX, and PCI a plus.
  
  

Skills and Knowledge:

• Highly motivated and able to work independently and as part of a high performing team.
• Open-minded, adaptable, and passionate about learning.
• Familiarity with data normalization techniques and data models.
• Strong analytical skills.
• Ability to solve unique problems with outside-the-box solutions.
• Broad knowledge of Enterprise Infrastructure concepts and best practices as they relate to Cyber Security and incident response.
• Ability to write regex is a plus.
• Solid understanding of packets, network traffic, and the OSI model.
• Knowledge of penetration testing methods and tools.
• Excellent communication and writing skills.
  
  

Compensation and benefits statement:

The salary range for this role is $73,066-$146,131 and is based on experience and qualifications.

Certain roles are eligible for annual bonus and may include equity. These awards are allocated based on company and individual performance.

We offer employees access to healthcare benefits, a 401(k) plan and company match, short-term and long-term disability coverage, life insurance, wellbeing benefits and paid time off among others. Employees accrue up to 120 hours in their first year. Your accrual rate increases after your first year. We also offer 6 paid holidays.

Anticipated application end date will be on 7/20/2024.

ADT is an Equal Employment Opportunity (EEO) Employer. We celebrate diversity and are committed to building an inclusive team that represents a variety of backgrounds, perspectives, and skills. ADT strives to ensure every employee and applicant feels valued. Visit us at jobs.adt.com/diversity to learn more.