About
21642
Ally and Your Career
At Ally Financial, we believe in the power of our people. Your well-being and growth matter to us, and we strive to support a balance between work and personal life. We offer a variety of generous benefits and encourage development through diverse employee resource groups. Join us in creating pathways for personal and professional growth.
The Opportunity
We're looking for a Lead Cyber Security Engineer with extensive hands-on experience in designing and optimizing large-scale SIEM (Security Incident & Event Management) systems. You'll take charge of the entire SIEM lifecycle—from architecture and data onboarding to content development, automation, and continuous enhancement. Your collaboration will span across SOC analysts, incident response teams, IT operations, and application teams to ensure effective detection and reliable log management.
The Work Itself
SIEM Architecture & Management:
Develop and oversee the SIEM architecture, ensuring robust data ingestion, normalization, and retention strategies. Assess and implement features and integrations for the SIEM platform; lead necessary upgrades and transitions.
Data Onboarding & Normalization:
Facilitate log onboarding from a variety of sources (EDR, firewalls, IDS/IPS, IAM, AD, and cloud platforms like AWS/Azure/GCP). Establish quality monitoring and dashboards to ensure data integrity and ingestion efficiency.
Performance Optimization:
Enhance SIEM performance regarding indexing, search efficiencies, and cost management. Implement access controls and ensure high reliability and disaster recovery systems are well-documented and tested.
Monitoring and Continuous Improvement:
Define key metrics for operational health and quality. Guide collaborative detection exercises and assess areas for improvement. Deliver comprehensive documentation and training for both SOC and IT teams.
Compliance & Governance:
Align SIEM operations with necessary regulatory standards and policies. Support audit processes and establish effective data policies.
Collaboration & Leadership:
Work with IT and cloud teams to ensure secure logging mechanisms. Mentor junior staff and participate in code evaluations. Engage in security architecture discussions for new projects.
The Skills You Bring
Minimum Qualifications:
- 7+ years of related experience in cyber security.
- Bachelor's degree or equivalent.
Preferred Qualifications:
- At least 5 years working with SIEM systems or similar security roles.
- Expertise in at least one SIEM solution such as Splunk or Microsoft Sentinel.
- Strong skills in data parsing, comprehensive scripting, and cloud logging.
- Demonstrated experience in Agile settings and effective communication.
- Relevant certifications (GCDA, GCIA, CISSP, etc.) are highly valued.
How We'll Have Your Back:
The compensation package includes competitive salary, performance incentives, and comprehensive benefits. We offer flexible paid-time-off, retirement savings plans, health and wellness programs, and support for family planning. Our commitment to diversity and inclusion is unwavering, and we foster a workplace where everyone can thrive.
Join Ally Financial, a pioneer in digital financial services, and be part of a team that's dedicated to excellence. Ally is committed to equal opportunity and values diversity among our workforce. We welcome all qualified applicants without regard to their backgrounds.
Location information: For this position, Ally will not sponsor a new applicant for employment authorization.
Language skills
- English
Note for users
This job posting comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their website.