Position: Cyber Threat Engineer, UEBA (Exabeam) Engineer III
Location: Chicago, IL
Duration: 12 Months Contract

Note: Similar UEBA products to Exabeam are SIEM tools such as Securonix, QRadar, Splunk, etc. Experience is required in Exabeam or another UEBA product, covering deployment, configuration of the tool, tuning, playbook/automation creation, etc.

About
This role is engineering focused, supporting the life cycle of the Threat and Vulnerability Management UEBA tool Exabeam (e.g. build, support, operate, and maintain cyber security toolsets in the realm of threat response, on premise and cloud):
o Tuning, rule creation, management and monitoring
o Working with the vendor on system upgrades, parsing, notifications
o Assisting with new data ingestion into the system based on use case requirements

Education
Bachelor's degree in Computer Engineering, Computer Science, Mathematics, Engineering, etc. highly preferred

Preferred Certifications
Industry certifications in cyber security and forensics are nice to have:
o Certified Ethical Hacker (CEH)
o GIAC Security Essentials (GSEC)
o GIAC Certified Intrusion Analyst (GCIA)
o GIAC Certified Incident Handler (GCIH)
o Certified Information Systems Security Professional (CISSP)
o Security+

Years of Experience
o 6 years of experience in systems engineering, networking or information security technologies
o Minimum of 4 years of information security / cyber security experience in an enterprise environment
o 1 year of experience with the Exabeam UEBA tool

Must Have
o Expertise with tools such as Exabeam or other User and Entity Behavior Analytics (UEBA) platforms
o Ability to provide guidance on building and/or maturing an insider threat (InT) tool such as Exabeam or other UEBA tools
o Ability to analyze the tool and assist with tuning, use case creation, and analysis
o Advanced log parsing and analysis skill set
o Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
o Demonstrated advanced knowledge of SIEM tuning, APTs, insider threat, IDS/IPS
o In-depth knowledge of systems administration and systems analysis procedures
o Demonstrated advanced knowledge of at least 4 of the following:
  1. IDS/IPS, Insider Threats, APT (Advanced Persistent Threats)
  2. Malware analysis, exploit techniques
  3. RegEx (Regular Expressions)
  4. SIEM tuning
  5. Alarm and signature creation
  6. Email security (e.g. DMARC, DNS, inline mail gateway malware protection)
  7. Cloud security (Amazon, Azure, Google Cloud)
o Protocol analysis experience
o In-depth knowledge of risk management standards, procedures and practices
o Scripting
o Experience engineering solutions and then operating and maintaining systems (e.g. idea, planning, testing, documentation, implementation, patching, release note analysis, etc.)
o Ability to work as part of a team and independently with limited supervision
o Ability to lead, mentor, and train others
o Ability to prioritize work and meet deadlines

Day to Day
This role is engineering focused, supporting the life cycle of the Threat and Vulnerability Management cyber toolsets (e.g. build, support, operate, and maintain cyber security toolsets in the realm of threat response, on premise and cloud):
o Engineering cyber security tools based on the roadmap (e.g. reviewing gaps in toolsets, leading proof of concepts, researching technologies)
o Network and systems management (e.g. proactive monitoring)
o Training team members on toolsets
o Ensuring systems are patched and running the latest versions
o Ensuring documentation is created and maintained
o Security operations and incident response