SIEM/Elastic Engineer

Phoenix, Arizona
04/12/2024
Phoenix
Depends on Experience 
Full-Time

COMPANY OVERVIEW

Join our award-winning team at Information Management Resources, Inc. (IMRI), a small business leader in the technology industry known for our commitment to innovation, excellence, and authenticity. Founded in 1992, IMRI has been at the forefront of delivering advanced cybersecurity and IT solutions, safeguarding organizations against evolving threats. We have built a reputation for our expertise in Cybersecurity, Digital Transformation, Strategic Business Consulting, and Staff Augmentation. Guided by our core values of innovation, excellence, and a solution-driven mindset, we have served a diverse portfolio of customers that includes federal agencies, state and local governments, and Fortune 1000 companies.

At IMRI, we recognize the integral part our employees play in our ongoing success. To support this, we offer a comprehensive benefits package, tailored to meet the individual needs of our employees. We are committed to promoting their overall well-being and equipping them with the necessary tools to flourish in their careers. We welcome you to be a part of our ongoing mission as we continue to navigate the digital landscape, committed to empowering organizations with our innovative solutions.

Job Description:
The SIEM Engineer must have experience with the management and maintenance of Security Information and Event Management (SIEM) solution (preferably Elastic) to optimize, detect, analyze, and respond to security incidents effectively. The ideal candidate will have a strong background in cybersecurity, extensive experience with SIEM technologies, and a passion for staying ahead of emerging threats as well as work to support the customer’s SOC Manager and other staff.


Responsibilities:
-  Design, implement, and configure SIEM solutions to collect, correlate, and analyze security events and logs from various sources.
-  Monitor SIEM alerts and investigate security incidents to identify potential threats and vulnerabilities.
-  Develop and maintain correlation rules, filters, and dashboards to improve the accuracy and efficiency of threat detection.
-  Collaborate with cross-functional teams to remediate security vulnerabilities and ensure compliance with industry standards and   regulations.
-  Conduct regular assessments and audits of SIEM configurations to optimize performance and enhance threat detection capabilities.
-  Provide technical expertise and support to SOC (Security Operations Center) analysts during incident response activities.
-  Stay current on emerging threats, vulnerabilities, and security technologies to proactively mitigate risks and improve security posture.

Requirements:
-  Hands-on experience with leading SIEM platforms such as Splunk, IBM QRadar, ArcSight, or LogRhythm, preferably Elastic.
-  Strong understanding of security principles, protocols, and best practices and the ability to execute the customer’s security practices.
-  Proficiency in scripting languages (e.g., Python, PowerShell) for automation and customization of SIEM solutions.
-  Excellent analytical and problem-solving skills, with the ability to troubleshoot complex security issues.
-  Relevant certifications such as CISSP, GIAC, or vendor-specific SIEM certifications are a plus.

EQUAL EMPLOYMENT OPPORTUNITY

EEO/Affirmative Action Statement and Non-Discrimination Policy IMRI is an Equal Employment Opportunity employer committed to maintaining a non-discriminatory, diverse work environment. In accordance with Title VII of the Civil Rights Act of 1964, Section 503 of the Rehabilitation Act of 1973, Vietnam Era Veteran's Readjustment Assistance Act of 1974 (VEVRAA), Americans with Disabilities) (ADA), and other federal, state, and local anti-discrimination laws, IMRI does not unlawfully discriminate against any person on the basis of race, color, religion, sex, national origin, ancestry, genetic information, age, marital status, sexual orientation, physical or mental disability, or status as a special disabled veteran or other veteran. IMRI will take affirmative action to assure equal opportunity for employment is provided with regard to all personnel actions. This is including but not limited to: recruitment, selection, compensation, benefits, training, promotion, demotion, layoff, termination and all other terms and conditions of employment.