
This job posting is no longer available


Network Security Administrator

6AM City
  • US
    Phoenix, Arizona, United States

About

Job Description

Overview: The role focuses on developing network security tools content, managing data feeds, tuners, use cases, and integrating with SIEMs such as Splunk.

Top Skills

  • Security Content Development
  • Data exfiltration experience
  • Close security gaps
  • Firewalls, tools‑based configuration
  • Linux/Unix
  • Regex

Senior Responsibilities and Qualifications

  • Design, build, manage, and maintain data feeds, tuners, and use case development for network security tools.
  • Configure output for Splunk or other technologies.
  • Design, implement, monitor, and maintain in‑tool alerting.
  • Integrate tool data with other technologies.
  • Communicate effectively with senior management and threat management teams.
  • Hold 6–10 years of comparable experience.
  • Expertise in network security tools (not limited to SIEM) and data tuning and management.
  • Experience with IDS, full packet capture, or enhanced Netflow analytics.
  • Experience integrating data into Splunk or a similar technology.
  • Exceptional collaboration and analytics skills.
  • Strong verbal and written communication skills.

Additional Skills & Qualifications

Screening Questions that MUST be attached with the resume – direct experience performing the Tools Admin Content Developer role within Stealthwatch and Suricata, or related technology.

  • Maintains host groups based on asset management data.
  • Performs data feed tuning.
  • Builds relationship policies.
  • Builds maps/network diagrams (logical and physical).
  • Integrates Schwab‑specific use cases.
  • Implements and maintains rules and content.
  • Internal use case evaluation, configuration and POC with SIEM and Threat Intelligence teams.
  • Assists with development of custom rules and content.
  • StealthWatch alerting and live feeds, custom rules and alerts, Syslog templates.
  • StealthWatch, NetWitness, or similar API integration.
  • Unix/Linux OS and command line.
  • Regex development.
  • Lua scripting experience.
  • Cisco Stealthwatch, Suricata, RSA NetWitness, RSA Event Stream Analysis, RSA Malware.

Preferred Technology Experience

  • Unix/Linux OS and command line.
  • Regex development.
  • Lua scripting.
  • Cisco Stealthwatch.
  • Suricata.
  • RSA NetWitness.
  • RSA Event Stream Analysis.
  • RSA Malware Analysis.

Shift Schedule

Monday – Friday, 8:00 am – 5:00 pm (MST/AZ Time). Some after‑hours work may be expected.

Desired (Nice to Have) Experience

  • Engineering and operational services for rule tuning, data configuration, and content tuning in Suricata, RSA Event Stream Analysis (ESA), and RSA Malware Analysis.
  • Creates custom rules and content.
  • RSA Event Stream Analysis alerting and live rules, custom ESA rules, Syslog templates.
  • RSA Malware capability & configuration.
  • Scoring module config.
  • IOC threshold tuning.
  • Whitelisting.
  • Syslog templates.
  • RSA Event Stream Analysis appliance tuning.
  • Analysis and troubleshooting using Wireshark, tcpdump, or similar utilities.

Screening Questions

1. As part of the job, you will build and maintain network monitoring to…

Language skills

  • English
Notice for users

This job posting was published by one of our partners. You can view the original posting here.