Are you interested in building cybersecurity solutions for the future? If so, pursue your passion as a SIEM Engineer on our Cyber Defense team!
In this role, you will be an integral part of the IT organization. The ideal candidate will have a demonstrated understanding of Information Security, Computer Networking, and the Software Development Life Cycle (SDLC), as well as extensive experience interacting with customers. The candidate must have Security Information and Event Management (SIEM) expertise and be willing to train on the company platform and products.
This is a technical, hands-on role that will focus on maintaining the SIEM platform, working alongside team members and stakeholders, and training and enabling teams for successful adoption of the SIEM platform.
Manage platform, agent, and app/add-on log source integration upgrades
Develop alerts, reports, data models, dashboards, and connectors to support custom user requirements
Recognize patterns and inconsistencies that could indicate complex cyber-attacks
Develop SIEM correlation rules to detect new threats beyond current capabilities
Assist with designing and documenting work processes
Perform log file analysis as needed
Develop recommendations in collaboration with other team members to maximize Enterprise capabilities in prevention, detection, analysis, containment, eradication, and recovery from cyber-attacks.
Contribute to CTI (Cyber Threat Intelligence) data gathering, reporting, and analysis activities
Leverage automation and orchestration solutions to automate repetitive tasks
Research and explore new avenues to overcome obstacles by utilizing the latest technologies and cybersecurity standards
Bachelor's degree in Cyber Security, Computer Science, Information Systems, Software Engineering, Computer Engineering or related field, or equivalent work experience
2-5 years of experience in the Information Security field
1+ years of experience with SIEM and UEBA solutions such as Splunk, LogRhythm, Elastic
Understanding of log collection methodologies and aggregation techniques such as Syslog, NXlog, Windows Event Forwarding
Working knowledge of cloud platforms such as AWS, Azure and GCP
Strong knowledge of at least one programming or scripting language (e.g., Python, PowerShell, PHP, Perl)
Understanding of security models and frameworks (e.g., MITRE ATT&CK, MITRE D3FEND, Cyber Kill Chain (CKC))
Demonstrated experience providing customer-driven solutions, support, or service
Ability to communicate effectively with all levels of an organization, from Engineering and Operations to C-level audiences
Rockwell Automation is the largest company in the world dedicated to industrial automation and information. Here, we connect the imaginations of people with the potential of technology to make the world more intelligent, more connected and more productive.
From improving the production of medicines that boost human health to reducing waste in an oil and gas plant, the work we do changes how we live. We truly believe we are doing things never before possible. And we need the brightest minds to help make that happen – the makers, the forward thinkers, the problem solvers.
Join a team of more than 23,000 global employees in 100+ countries as we work together to expand human possibility.