Job Title: SIEM Specialist
Location: Atlanta, GA 30318
Duration: 6+ Months Contract
About our Client: Our Client is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Our Client works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 425,000 people serving clients in more than 120 countries, Our Client drives innovation to improve the way the world works and lives.
- McAfee SIEM administration experience
- SIEM Nitro, Intel Security
- Splunk SIEM, ArcSight SIEM, IBM QRadar SIEM, RSA SIEM
- Knowledge of how McAfee SIEM parses, aggregates, normalizes, correlates, and alerts
- Syslog NG Relay and/or WEF
The SIEM specialist would be a member of the Client SIEM Team and responsible for:
- Validate, generate reports on, and resolve logging inactivity by notifying and working with the point of contact
- Discover and remediate logging inconsistencies (SIEM) such as inconsistent timestamps, inconsistent log levels, etc.
- Manage, configure and clean up Syslog relay configuration
- Act as the point of contact to validate that logs are received on the relay
- Set up applicable mutual authentication with TLS 1.2 between data sources and relays
- Capture log samples
- Validate that in-scope logs contain the required fields to build parsers in SIEM/UBA
- Validate the relay configuration to confirm that SIEM and UBA are receiving messages
- Review existing correlation rules and recommend updates if required
- Recommend new correlation rules
- Assist in creating custom parsers.
- 3-5 years working in the Security Logging and Monitoring space
- 2-4 years of SIEM administration experience
- Network security monitoring experience
- Knowledge of various log formats from: network infrastructure, server, web applications, databases, etc.
- Knowledge of Syslog Relay and Windows Event Forwarder
- Knowledge of VPNs, firewalls, routing/switching, databases, web applications, etc.
- Linux and Windows System administration experience
- Scripting languages such as Python, PowerShell, etc.
Must-have skills: We need experience in the top three highlighted skills. A resource with McAfee SIEM experience would be a placement. Otherwise, at least find a resource with the second and third highlighted skills.
About ASK: ASK Staffing is an award-winning technology and professional services recruiting firm servicing Fortune 500 organizations nationally. With 5 nationwide offices, two global delivery centers, and employees in 42 states, ASK Staffing connects people with amazing opportunities.
Dennis Miller, Dennism@askstaffing.com, 678-487-8583