GuidePoint Security is a trusted provider of cybersecurity expertise, solutions, and services. They are seeking a SecOps Observability Engineer who will focus on threat detection, incident response, and security event monitoring while collaborating with internal stakeholders and external vendors.
Responsibilities:
- Hands-on experience with observability products such as SIEM (Security Information & Event Management), SOAR (Security Orchestration, Automation, and Response), and data stream management tools like Cribl
- In-depth knowledge of log management, monitoring, and alerting techniques
- Experience with setting up, modifying, and tuning alerts within the SIEM to ensure critical threats are identified properly
- Understanding data ingestion, transformation, and enrichment workflows for integrating various log sources, network telemetry, and security event data into observability platforms
- Ability to work with and understand log parsing, aggregation, and normalization
- Proven track record working in a Security Operations Center (SOC), with direct involvement in threat detection, incident response, and security event monitoring. Strong understanding of SOC workflows and processes
- Ability to communicate clearly and efficiently within the SOC, and to collaborate with internal stakeholders and external vendors
- Comfortable producing clear, concise reports and documentation related to security incidents and system performance
Requirements:
- Experience with one or more products: Observo, Tableau, CrowdStrike NG-SIEM, Splunk, Google SecOps, Palo Alto XSIAM, Elastic, etc.
- Bachelor's degree in a relevant discipline or equivalent experience
- Minimum 4 years in an enterprise-level security consultative role building and assessing Information Security architectures and programs
- Prior experience in a corporate operational or technical leadership role