CW Information Security Engineer / Plano, Texas / 1-year plus
- The resource will be responsible for lead roles in the operational support of the QRadar SIEM solution and the project that will replace our existing IDS/IPS (intrusion detection/prevention system) solution.
- The resource will work with various IT departments to expand the SIEM solution into areas not currently covered.
- Experience with QRadar and the ability to troubleshoot log collections from various platforms is a must.
- The IDS/IPS replacement project is intended to replace the existing solution with another IDS/IPS solution.
- This project includes design, implementation, and policy configuration aspects. This is a technical position requiring a broad knowledge of security and networking skills.
The Information Security Engineer is an integral part of the Information Security Monitoring and Alerting program.
Skills include the ability to:
- Demonstrate technical expertise with security infrastructure architecture design/implementation and management
- Coordinate activities with infrastructure engineers, network engineers, DBAs, and information security personnel
- Gather and understand technical requirements related to functionality, design, and integration
- Assist in the design of log collection and data flow between solution and target systems
- Exchange information with solution vendor
- Help troubleshoot the log collection from networking devices, operating systems, databases, security applications, and more
- Configure queries, correlation rules, dashboards, alerts, searches, reports, etc., based on operating systems, platform, data type, and other reporting elements
- Support and enhance event parsing, log collection and storage, compliance automation, and identity monitoring activities
- Help develop processes and procedures around security event management
- Support all technical aspects of the IDS/IPS replacement project design and implementation
- Hands-on experience using IBM QRadar and McAfee IDS/IPS aka McAfee Network Security Manager Knowledge
- Experience with SIEM and IDS/IPS concepts, implementations, and technologies
- Team player willing to share knowledge and learn from others
- Knowledge and experience with proxies, firewalls, DLP, and other network-based security solutions
- CISSP certified