Senior Cybersecurity Engineer - SIEM

Position Details

Requisition Number

S512P

Home Org Name

Chief Information Office

Division Name

Chief InfoOffice and InfoTechnology

Position Title

Senior Cybersecurity Engineer - SIEM

Job Class Code

MA41

Appointment Status

Full-time

Part-time FTE

Limited Term

No

Limited Term Length

Job Summary

The Office of the Chief Information Security Officer is seeking applicants for the role of Sr. Cybersecurity Engineer ( SIEM ). Under general supervision, responsible for the planning, engineering, developing, implementing, and compliance monitoring of organization-wide information security programs. This role will be responsible for the maintenance and management of the Security Information and Event Management ( SIEM ) tools, such as Splunk and Azure Sentinel. This position is also responsible for assessing current logging and threat hunting gaps and developing dashboards and monitoring interfaces to fill those needs. Other cybersecurity duties may be assigned as needed.

Essential Functions

1. Assist in ensuring information security policies and procedures are followed.
2. Creates and maintains content (queries, dashboards, reports, alerts, etc.) in industry SIEM tools Splunk and Azure Sentinel.
3. Works in conjunction with the Security Operations Center ( SOC ) to assess gaps in monitoring and develops content to rectify needs.
4. Manages the SIEM platform including log integration, app installation, SIEM upgrades, and platform maintenance.
5. Supports and participates in SOC engineering efforts such as tool and data integration, development of automation, scripts, testing of new tools and evaluation of new technologies.
6. Participates in risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and logging needs.
7. Assists in incident response efforts.
8. Communicates and coordinates with distributed information technology units and internal technical teams
9. Communicates and works with the Auburn University Audit, Compliance and Privacy department
10. May perform other related duties as assigned by the IT Manager.

Education Level

Bachelor’s degree

Field of Study

No specific discipline required

Years of Experience

Eight (8) or more years

Area of Experience

Experience configuring, tuning, and evaluating efficacy of key security tools, including but not limited to firewalls, VPN, SIEM, anti-malware, forensics.

Requirements for Additional Job Levels

Education Level

Field of Study

Years of Experience

Area of Experience

Requirements for Additional Job Levels

Minimum Skills and Abilities

1. Experience configuring and tuning SIEM Products, Splunk (required) and/or Azure Sentinel
2. Experience creating queries, reports, and dashboards in Splunk or Azure Sentinel.
3. Understanding of common types of attacks & vulnerabilities including CVEs, OWASP Top 10
4. Must have team leadership skills, negotiation skills, and advanced client relation skills.
5. Ability to remain up-to-date with privacy and security regulations.
6. Ability to recognize, analyze, and solve a variety of problems.
7. Ability to effectively communicate technical concepts to a non-technical audience.

Minimum Technology Skills

Knowledge of SIEM tools and processes with a strong understanding how a SIEM aggregates data multiple sources to analyze that data to catch abnormal behavior or potential cyberattacks.

Must have team leadership skills, negotiation skills, and advanced client relation skills.

Ability to effectively communicate technical concepts to a non-technical audience.

Minimum License and Certifications

Certified Information Systems Security Professional ( CISSP ) Certification required.

Desired Qualifications

Bachelor’s Degree in Computer Science or IT related field suggested. Master’s degree is related field preferred.

1. Splunk Architect certification.
2. Experience using REST APIs and Regular Expressions (RegEx).
3. Experience analyzing regulations and requirements such as HIPAA, GLBA, and PCI - DSS to determine logging requirements.
4. Python development experience.

Salary Grade

00

Salary Range

$85,400 - $136,600

Job Category

Information Systems/Technology

Working Hours if Non-Traditional

List any hazardous conditions or physical demands required by this position

Posting Date

11/20/2020

Closing Date

EEO Statement

AUBURN UNIVERSITY IS AN AFFIRMATIVE ACTION / EQUAL OPPORTUNITY EMPLOYER . It is our policy to provide equal employment opportunities for all individuals without regard to race, sex, religion, color, national origin, age, disability, protected veteran status, genetic information, sexual orientation, gender identity, or any other classification protected by applicable law.

Special Instructions to Applicants

Auburn University is one of the nation’s premier public land-grant institutions. In 2020, it was ranked 44th among public universities by U.S. News and World Report. Auburn maintains high levels of research activity and high standards for teaching excellence, offering Bachelor’s, Master’s, Educational Specialist, and Doctor’s degrees in agriculture and engineering, the professions, and the arts and sciences. Its 2019 enrollment of 30,460 students includes 24,594 undergraduates and 5,866 graduate and professional students. Organized into twelve academic colleges and schools, Auburn’s 1,643 instructional faculty members—87% of whom are employed full-time—offer more than 200 educational programs. The University is nationally recognized for its commitment to academic excellence, its positive work environment, its student engagement, and its beautiful campus.

Auburn residents enjoy a thriving community, recognized as one of the “best small towns in America,” with moderate climate and easy access to major cities or to beach and mountain recreational facilities. Situated along the rapidly developing I-85 corridor between Atlanta, Georgia, and Montgomery, Alabama, the combined Auburn-Opelika-Columbus statistical area has a population of over 500,000, with excellent public school systems and regional medical centers.

Auburn University is committed to providing a comprehensive employee benefits package that attracts and retains talent to further the University’s mission and contributes to the personal and financial well-being of employees and their families. Employee Benefits include: Health Insurance, Dental Insurance, Vision Care, Cancer Insurance, Life Insurance/Personal Accident Coverage, Disability Group & Supplemental Plans, Flexible Spending Account Plan, and Mandatory and Voluntary Retirement Plans, Auburn University Federal Credit Union, Bookstore Discounts, Tiger Perks discounts on dining, shopping and entertainment, Travel Assistance (Domestic and International), and Educational Improvements for Employees and Dependents.

Quick Link for Internal Postings

https://www.auemployment.com/postings/20283
Documents Needed to Apply
Required Documents

1. Resume
2. Cover Letter

Optional Documents

1. Letter of Recommendation
2. Other
3. Other Documentation

Supplemental Questions

Required fields are indicated with an asterisk (*).

1. * How were you made aware of this opportunity?
   • AU Employment website
   • Employment websites (Indeed, HigherEd Jobs, etc.)
   • Veterans Assistance Services
   • Disability Assistance Services
   • Newspaper
   • Professional Journal
   • Listserv
   • HR email
   • Social Media
   • State Employment Service
   • Walk-in
   • Other
2. * Please select the answer that best describes your current employment relationship with Auburn University.
   • Not a current Auburn employee
   • Current Auburn employee in position less than one year
   • Current Auburn employee in position more than one year
3. * Do you have a Bachelor's degree from an accredited institution?
   • Yes
   • No
4. * Do you have 8 years of experience in configuring, tuning, and evaluating efficacy of key security tools, including but not limited to firewalls, VPN, SIEM, anti-malware, forensics?
   • Yes
   • No
5. * Are you a Certified Information Systems Security Professional (CISSP)?
   • Yes
   • No
6. * Describe your experience maintaining and managing a Security Incident and Event Monitoring (SIEM)?
   
   (Open Ended Question)
   
   
7. * Describe the values and goals of a SIEM
   
   (Open Ended Question)