Security Platform Administrator (SIEM/Tanium)
Horizontal Talent

Job Info

---

Job Description:
The Security Operations team is looking for a Security Platform Administrator who will play a vital role in keeping the company's Global Enterprise safe from cyber-attacks. As the Security Platform Administrator, you will be part of a bigger machine working to protect the company from any malicious activity. This role requires you to work with others to strategize threat prevention, coordinate remediations, and contribute to process improvement.

How You Will Make a Difference:

• Provide 3rd level technical support for all assigned security platforms
• Assist with management of SIEM solution using Microsoft Sentinel and QRadar to collect, correlate, and analyze security events and alerts.
• Key resource for SIEM log ingestion, creating and tuning SIEM rules, queries, and reports.
• Provide subject matter expertise and help maintain all assigned security platforms
• Assist in the creation of and monitoring of dashboards and logs for abnormal behaviors/intrusions
• Utilize Tanium telemetry to promote automation efforts across the various functions within the Digital Technology organization.
• Lead efforts in creating and monitoring Tanium dashboards to drive environmental improvements.
• Perform and oversee daily administration tasks such as maintaining a version status for all deployed products and policies, including the staging and execution of minor platform upgrades.
• Recommend best practices and look for opportunities to improve processes while balancing operational and business risks

Position Requirements:

• 3+ years of relevant, security administration experience
• Ability to manage all aspects of SIEM solution. Experience in Sentinel is required, and QRoC is a plus.
• Experience or knowledge of Tanium is preferred
• Knowledge of client and server operating systems (e.g., Windows, Mac, Linux)
• Knowledge or experience with PKI management (i.e., Cloud or On-prem) a plus
• Strong emphasis on Microsoft security suite
• Subject matter expertise working with Antivirus Software, Host-based firewall, Full Disk Encryption, Application Whitelisting, File Integrity Monitoring a plus
• Knowledge of Email Security protocols including SMTP, SPF, DKIM, and DMARC a plus
• Working knowledge of SASE solutions and/or Zscaler a plus
• Knowledge of Enterprise Management Solutions such as Tanium a plus
• Participate in rotating on-call schedule for after-hours support as needed
• An Associates or Bachelor's degree in Computer Science, Information Systems, or other related fields or commensurate hands-on experience
• Cybersecurity or IT-related certifications (Security+, GSEC, CISSP, equivalent) are a plus
• Minimal travel requirements

---