Sr SIEM/SOAR Engineer (Remote)At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world.Job OverviewThe SIEM/SOAR Engineer is an expert in deploying, configuring, and managing a Security information and event management (SIEM) tool. They are responsible for creating alarms and dashboards related to relevant security data/threats/events. In addition, they can automate responses to alarms and enrich data from outside sources. They are competent to work in all aspects of managing security controls and products.Key Responsibilities:
Design, develop, and implement security information and event management (SIEM) rules and detections within the Devo SIEM platform.
Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.
Utilize Regex for efficient log parsing and extraction of relevant security events.
Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.
Develop and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate incident response tasks.
Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.
Collaborate with the security operations center (SOC) team to ensure effective incident response and threat hunting.
Stay current with emerging threats and security best practices, recommending improvements to the SIEM configuration.
Document SIEM configurations, detection rules, and incident response procedures.
What your background should look like:Required Qualifications:
3+ years in Information Security SIEM administration, parser development, cybersecurity content development, creating queries, alerting, and log analysis (or similar logging role).
3+ years’ experience in scripting/process automation.
3+ years operating and supporting a large enterprise environment
Experience with security configuration of operating systems, network devices, etc.
Demonstrated experience with at least one programming/scripting language
Demonstrated experience with securing all aspects of an enterprise
Demonstrated experience in understanding networking technologies and protocols
Demonstrated some systems administration experience with Windows and Linux/UNIX-based operating systems
Participate in an on-call schedule for high-priority issues
Experience in a technology-planning role.
Must have a passion for technology and stay current with emerging security trends.
Excellent verbal & written communication and presentation skills.
Experience with new technology evaluations, software package selection, and buy vs. build analysis.
Preferred Qualifications:
Experience with Devo (or next-gen SIEM)
Experience with AWS, Azure, SAAS logging, and cloud technologies in general
Experience with EDR technologies
Familiarity with standard logs from different systems: Windows/Linux/Cloud, etc.
Advanced Scripting – Powershell, Python, etc
API integration/automation experience
Experience with process automation / at least one primary SOAR tool
Manufacturing and engineering industry experience.
Experience working in a global organization.
Education Required/Desired:
Undergraduate degree in business, computer science, management information systems, or other equivalent work experience.
CompetenciesValues: Integrity, Accountability, Inclusion, Innovation, TeamworkCOMPENSATION Competitive base salary commensurate with experience: $100,160 - $150,240 (subject to change dependent on physical location) Posted salary ranges are made in good faith. TE Connectivity reserves the right to adjust ranges depending on the experience/qualification of the selected candidate as well as internal and external equity. Total Compensation = Base Salary + Incentive(s) + BenefitsBENEFITS A comprehensive benefits package including health insurance, 401(k), disability, life insurance, employee stock purchase plan, paid time off and voluntary benefits.EOE, Including Disability/VetsLocation:MIDDLETOWN, PA, US, 17057-3197City: MIDDLETOWNState: PACountry/Region: USTravel: Less than 10%Requisition ID: 119833Alternative Locations:Function: Information TechnologyTE Connectivity and its subsidiaries, affiliates, and operating units (collectively, the "Company") is committed to providing a work environment that prohibits discrimination on the basis of age, color, disability, ethnicity, marital status, national origin, race, religion, gender, gender identity, sexual orientation, protected veteran status, disability or any other characteristics protected by applicable law or regulation.
