Sr. Principal Security Engineer, SIEM Engineer
Makati City, National Capital Region (NCR), PH
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
Job Description – Sr. Principal Security Engineer, SIEM Engineer
ENABLING THE DIGITAL WORLD
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
The Opportunity:
The Sr. Principal Security Engineer, SIEM Engineer is a member of the Information Protection Center providing subject matter expertise. You are responsible for the health, performance, and capacity planning of our SIEM platform including the management and operation of the SIEM infrastructure. This hands-on role requires a deep technical knowledge of security technologies and must have a solid understanding of information security and networking.
- Providing subject matter expertise for all SIEM components and design.
- Researching, documenting, and implementing security best practices to continually improve the deployment and use of the SIEM.
- Coordinating and conducting event collection, log management, event management, and compliance automation.
- Researching, analyzing, and understanding common and complex log sources.
- Providing expert guidance regarding the implementation of rules and event correlation for the SIEM environment.
- Developing detection rules to support alerting and response capabilities for our SOC services.
- Providing day to day event parsing and repairing of events that have missing or incorrect information.
- Troubleshooting issues with log sources or systems, with internal IT teams and vendors, providing resolution to defects or performance issue as needed.
- Creating detailed reports on the status of the SIEM that also includes metrics on items such as number of logging sources, log collection rate, and server performance.
- Design and build dashboards in the SIEM.
- Develop, implement, and execute standard procedures for the administration, management, and lifecycle of the SIEM.
- Participating in incident response and technical investigations as needed.
- Performing in-depth analysis of current threat activity and trends
- Mentoring and training security team members on the SIEM deployment and operation.
- Providing support for audits and gathering of artifacts for FedRAMP, ISO27001, PCI, SOC1 & SOC2, etc.
- What it takes:
- BS in Computer Science, Cyber Security, Information Assurance, or Information Security preferred.
- 5 - 8 years SIEM experience that includes leading SIEM deployments and optimization.
- Minimum 10 years working experience with LogRhythm and/or Splunk.
- Understands and can articulate how the SIEM platform and service provides value to the company.
- Experience in a large enterprise environment analyzing security event data for attack patterns and understanding attacker tactics.
- Experience in developing SIEM correlation rules to detect new threats beyond current capabilities.
- Working knowledge of Threat intelligence to interpret IOC’s and translating them for SIEM alerting.
- Understanding of OSI layers, network protocols (IP, ICMP, TCP, UDP), network services (DNS, DHCP, HTTP), routing protocols
- Scripting skills (Python, PowerShell, Regular Expressions, Lua)
- Experience with Windows and Linux Operation Systems
- Experience creating and refining metrics to articulate and measure program performance.
- Able to work independently and efficiently, as well as with others, to meet deadlines in a fast-paced environment.
- Self-motivated and detail oriented.
- Possess excellent writing and communication skills.
- CISSP, GCIH, CISA, CISM, or other industry certifications preferred.
Work Location
The location for the position is in the Philippines.
Salary Plan
Annualized Total Cash Compensation
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.