SIEM Content Engineer
Who are we looking for:
State Street seeks to recruit SIEM Content Engineer that will create and enhance threat detection use cases to detect cyber threat activity. Join us in evolving our threat management capabilities to shape a pro-active threat intelligence driven fusion model to protect State Street, its customers and partners from the ever evolving and sophisticated global threat actors. Remote work options will be considered for the highly skilled candidates. What will you be responsible for:
What we value:
- Identify, prioritize, implement, test and tune threat detection use cases within the SIEM. Create alerts and reports for Threat Monitoring (SOC) and various stakeholders.
- Partner with Threat Intelligence to align detection strategy with threat model and MITRE ATT&CK framework.
- Partner with purple team, various security, risk, IT and business professionals to drive threat detection goals.
- Measure effectiveness and coverage of detection use cases.
- Participate in alert creation in various security controls such as EDR, IDS, Cloud, email gateways, etc. Analyze, influence, and recommend.
Education & Preferred Qualifications
- Experience implementing and validating threat detection alerts/reports.
- Knowledge of adversarial tactics, techniques, and procedures - ability to create detective controls.
- Knowledge of cyber threat intelligence.
- Knowledge of IT architecture and operations (computing, network, storage & cloud).
- Knowledge of security control technologies.
- BS in Cyber Security, Information Technology, Computer Science or relevant experience
- +3 years in a cyber security skill role - SIEM Content Engineer, Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration testing, etc.
- Financial Services experience a plus.
- Software development and/or scripting experience a plus: Python, Powershell, etc.
- Technical security certifications a plus - GMON, GCDA, GCIH, etc.