SIEM Use Case/Rule Developer

Location Dallas, United States
Posted 10-October-2020
Description
Zyston is an information security solutions company providing businesses with the comprehensive range of end-to-end services required to build and operate mature, cost-effective information security programs.

This opportunity includes on-the-job training and room for growth.

We are looking for someone who has knowledge in many of the following areas:

Has created detection rules
Understands attack methodologies
Can navigate and investigate within a SIEM
Knows where log sources are (endpoint, IPS/IDS, etc.)
Is proficient with at least one SIEM
Can create security use cases

Content Developer Role Responsibilities:

Develop client-specific security use cases to improve visibility of the threat landscape
Create abstract rules to detect network intrusions based on Indicators of Compromise (IOCs) identified through SIEM log analysis and threat intelligence sources
Create and maintain an index of security use cases
Conduct open-ended analysis against large datasets
Identify customer needs and implement custom security use cases
Research and deconstruct cyber-attacks into sequenced indicators of compromise (IOCs) and develop security use cases from indicators detectable through security device logs
Ensure appropriate security-relevant logging is ingested into the SIEM platform from available log sources
Develop and deliver client-facing deliverables
Deliver metrics and updates to clients on their SIEM content/rules

Job Requirements:

Able to both investigate and create security rules and use cases in at least one SIEM
Knowledge of major security tools including SIEM, IDS/IPS, firewalls, email gateways, proxies, endpoint protection, and anti-virus
Understanding of Windows Security Events
Understanding of the cyber kill chain and attack methodologies
Ability to communicate and document technical information effectively for various audiences
Able to demonstrate integrity, leadership, teamwork, and results
Time management skills, strong attention to detail, and the ability to perform in all key areas of the role
Stays up to date with recent cyber-attacks and trends
Plus - Knowledge of Sumo Logic and Splunk
Plus - Knowledge of endpoint products desired (Carbon Black, CrowdStrike...)
Plus - Proficient in regular expressions (regex)
