hero

Portfolio Company Careers

Discover career opportunities across PFG's network of portfolio companies

SIEM Administrator

GoSecure

GoSecure

California, USA · Remote
Posted on Thursday, July 11, 2024

Summary

The SIEM Administrator will work with the SOC & SOC Infrastructure teams at GoSecure to provide application support on current and future SIEM products, ensure data feeds and application operation are maintained, and provide support to cyber security analysts in development of analytics and other operational aspects of the SIEM/SOAR product suite.

Duties and responsibilities

Application support
- Providing support for current and future SIEM products, including ensuring data feeds and application operation are maintained
Cyber security analyst support
- Helping cyber security analysts develop analytics and other operational aspects of the SIEM product
Data management
- Archiving, backing up, and purging data as needed and in compliance
Evidence collection
Collecting evidence for audits and documenting all activities performed and recorded
Change management
Raising change management tickets for SOC Admin activities and incidents
Troubleshooting
Coordinating with the SOC Monitoring team on troubleshooting issues and escalating them with a 3rd party TAC/Support team as required
Security policies
Developing and maintaining security policies, procedures, and standards to ensure compliance with regulatory requirements
Content improvements
Working with the Cybersecurity Incident Response Team and Threat Intelligence Team to identify content improvements
Technical oversight
Providing technical oversight, standardization, and validation of the effectiveness of SIEM content service
UAT -> Production Cycle
Stage and deploy upgrades, content changes and infrastructure improvements across several lab (UAT) and production environments to ensure minimal impact
Proactive Monitoring
Implement iterative improvements for all resource utilization, data flow and operational metrics to create actionable alerts to the SOC Infra team to highlight production health issues before they impact SOC duties

Qualifications

-Bachelor's degree and 4+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be accepted in lieu of degree.
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Splunk, Elastic/Kibana, FortiSIEM).
- UNIX OS Administration & command line experience
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
- Windows/Unix-specific networking
- Familiarity with various security tooling including EDR, NGAV, and Vulnerability Scanning technologies
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently.
- Motivated self-starter and the ability to create complex technical reports on analytic findings.

The following personal abilities are favoured at GoSecure:

Exceptional organizational skills;

Ability to think of problems and operational activities beyond technical scope, envisioning general business and political ramifications;

Ability to work independently and handle multiple tasks concurrently;

Adaptable to diverse environments;

Superior verbal and written communication skills in English and French are mandatory;

Energetic and positive with a “can do” attitude.

English: fluent or intermediate,

French considered a bonus

Why join us?

-3 weeks vacation, 5 personal days, paid bereavement days

-14 paid holidays

-Group insurance plan: health, dental, vision, disability, life, travel

-Employee assistance program (Dialogue)

-RRSP and matching employer contribution

-Peer recognition program and other awards granted throughout the years

-Company stock options

-Discounts on a variety of merchants

-Young and dynamic team always striving to improve

and much more!