The Security Operations team is looking for a Security Platform Administrator who will play a vital role in keeping the company's Global Enterprise safe from cyber-attacks. As the Security Platform Administrator, you will be part of a bigger machine working to protect the company from any malicious activity. This role requires you to work with others to strategize threat prevention, coordinate remediations, and contribute to process improvement.
How You Will Make a Difference:
Provide 3rd level technical support for all assigned security platforms
Assist with management of SIEM solution using Microsoft Sentinel and QRadar to collect, correlate, and analyze security events and alerts.
Key resource for SIEM log ingestion, creating and tuning SIEM rules, queries, and reports.
Provide subject matter expertise and help maintain all assigned security platforms
Assist in the creation of and monitoring of dashboards and logs for abnormal behaviors/intrusions
Utilize Tanium telemetry to promote automation efforts across the various functions within the Digital Technology organization.
Lead efforts in creating and monitoring Tanium dashboards to drive environmental improvements.
Perform and oversee daily administration tasks such as maintaining a version status for all deployed products and policies, including the staging and execution of minor platform upgrades.
Recommend best practices and look for opportunities to improve processes while balancing operational and business risks
Position Requirements:
3+ years of relevant, security administration experience
Ability to manage all aspects of SIEM solution. Experience in Sentinel is required, and QRoC is a plus.
Experience or knowledge of Tanium is preferred
Knowledge of client and server operating systems (e.g., Windows, Mac, Linux)
Knowledge or experience with PKI management (i.e., Cloud or On-prem) a plus
Strong emphasis on Microsoft security suite
Subject matter expertise working with Antivirus Software, Host-based firewall, Full Disk Encryption, Application Whitelisting, File Integrity Monitoring a plus
Knowledge of Email Security protocols including SMTP, SPF, DKIM, and DMARC a plus
Working knowledge of SASE solutions and/or Zscaler a plus
Knowledge of Enterprise Management Solutions such as Tanium a plus
Participate in rotating on-call schedule for after-hours support as needed
An Associates or Bachelor's degree in Computer Science, Information Systems, or other related fields or commensurate hands-on experience
Cybersecurity or IT-related certifications (Security+, GSEC, CISSP, equivalent) are a plus
