Sr. SIEM Engineer

Piper Companies is seeking a Sr. SIEM Engineer to join a leading cybersecurity organization. The Sr. SIEM Engineer will be responsible for identifying, assessing, and managing threats, vulnerabilities, and associated risk to clients information assets.



Responsibilities of the Sr. SIEM Engineer include:

• Be part of a highly collaborative security operations team delivering vulnerability management services to cloud service providers, and other organizations operating highly regulated environments
• Review vulnerabilities and data from various sources (e.g., penetration testing, vulnerability scanning) across different technologies and environments to assess the risk level to business assets
• Conduct recurring and on-demand OS/DB & Web scanning activities for multiple customer environments
• Build, configure, and manage vulnerability management tools within customer environments, serving as the subject matter expert for vulnerability management queries
• Assist customers with scanning their FedRamp environment, establishing standards, and managing false positives and exceptions
• This position will be the liaison between the vulnerability management team and various SRE teams and customer teams and must be able to provide technical remediation details or workarounds, help track and identify asset inventory, log work tickets and exceptions and research vulnerability findings
• Configure and troubleshoot scanning devices and resolve agent & authentication issue
• Work independently and with vendors’ professional services to diagnose and troubleshoot any issues with vulnerability assessment tools.
• Analyze identified vulnerabilities to identify false positives or environmental factors that affect the risk scoring and ensure the POAM is updated to reflect that analysis.

Qualifications for the Sr. SIEM Engineer include:                                                                                            

• 4-6 years of related experience in professional services, vulnerability management, and compliance monitoring
• Must have experience with one of the following SIEM tools: Splunk, Chronicle, Elastic, Sentinel, Sumo Logic
• Must be skilled in web application testing, API testing, and network testing
• 1-2 years developing playbooks, runbooks, and troubleshooting technical issues.
• Good understanding of Windows and Linux patching
• Proficiency in scripting, such as Python and/or PowerShell
• Prior experience working with Burp Suite Professional, or other similar DAST tools
• Experience defining Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls Scanning within various scanning technologies and working with appropriate teams to remediate and report on the results
• Experience with building, configuring, and managing vulnerability scanning tools (Nessus/Burp Suite preferred)
• BS or above in a related Information Technology field or equivalent combination of education and experience

Compensation for the Sr. SIEM Engineer includes:

• Salary Range: $110,000 – $150,000
• Full benefits: PTO, Paid Holidays, Cigna Healthcare, Dental, Vision, 401k

Keywords: #LI-JK1 #LI-REMOTE

Piper Companies, SIEM, Splunk, Sentinel, Sumo Logic, Chronicle, Security, security monitoring, vulmanagement, vulnerability management, compliance, alerts, logs, log ingestion, cloud, burp suite, Elastic, Fedramp, POAMs, Python, powershell, infrastructure, linux, windows, aws, gcp, azure