
Job Details

Senior SIEM Engineer (virtual/remote)

Company name
Humana Inc.

Location
Lexington, KY, United States

Employment Type
Full-Time

Industry
IT, Engineering

Posted on
May 09, 2023


Description

Open to US remote

Threat Management and Response supports Humana's value proposition by providing strategic guidance and support for Enterprise Information Protection (EIP), IT and business clients. As a Senior SIEM Engineer, you will play a critical role in Security Operations by enabling active cyber monitoring capability for critical platforms and applications. You will help build a single-pane view for security monitoring by adopting use-case-driven log ingestion into the SIEM and by enabling and optimizing active detections and content. You will assist on multiple security and IT initiatives, which will include directly influencing multiple project team members and vendors and the implementation of security monitoring.

Responsibilities

Key Responsibilities:

Engineer SIEM solutions to support Humana's Threat Intelligence, Detection Engineering, Threat Hunting, Adversary Emulation, and Response teams.

Adopt a use-case-driven mindset to gather requirements, conduct analysis, and develop/deploy threat detection content and investigation workflows for security operations.

Enable, tune, and document SIEM content/notables to facilitate various security operations teams.

Able to prioritize work using the MITRE ATT&CK framework.

Create and maintain ATT&CK dashboards to show detection coverage.

Develop, implement and maintain solutions for automated threat detection, behavioral analytics, and risk-based alerting.

Knowledge of SIEM technologies including UEBA and SOAR.

Hands-on administration of Splunk Enterprise Security.

Know-how to research, maintain and support the applications and add-ons that the TMR (Threat Management and Response) SIEM capabilities depend on.

Work collaboratively with the platform teams as they onboard the logs needed for security monitoring use cases in Splunk, analyzing the data and its parsing to make it CIM (Common Information Model) compliant.

Develop and manage data models and ensure proper support for the detections.

Ensure the SIEM solution is healthy and fully optimized.

Provide support when needed by the Security Incident Response, Threat Hunting and Threat Intel teams.

Support the Public Cloud initiatives from a Security Operations point of view. Review new cloud service implementations at Humana on a regular basis for impacts to security operations.

Provide daily, ongoing operational support of the SIEM, including assessing the security impact of proposed modifications, additions, and technology implementation/refresh operations.

Maintain knowledge of industry trends in the threat landscape and translate them into the SIEM engineering function to help protect Humana's cyber assets.

Thoroughly understand software installations, systems monitoring and troubleshooting, account management, and the overall effort needed to ensure uninterrupted log ingestion and threat detection.

Think creatively to discover and support automation opportunities.

Key Competencies

Accountability: Meets established expectations and takes responsibility for achieving results; encourages others to do the same. Employs focus, attention to detail, reliability, and appropriate prioritization to drive outcomes. Sees opportunities to contribute and takes the initiative to create solutions.

Builds Trust: Consistently models and inspires high levels of integrity in decisions, speech, and actions. Lives up to commitments, taking responsibility for the impact of one's actions. Exercises the courage to prioritize principles and values over personal or professional gain.

Influence & Collaborate: Engages others by gathering multiple views and being open to diverse perspectives, focusing on a shared purpose that puts Humana's overall success first. Develops and strengthens networks and relationships, both inside and outside the organization, that support company performance. Proactively and transparently contributes information and energy toward creating value with others.

Customer Focus: Connects meaningfully with customers to build emotional engagement and customer advocacy. Develops and applies deep customer knowledge and intimacy to develop and deliver products, services, and interactions that provide value beyond expectations. Simplifies complexity and integrates internal efforts to deliver an optimal customer experience.

#LI-Remote

Qualifications

Role Essentials

Bachelor's Degree in Computer Science, Information Technology, or equivalent experience

Expert level knowledge of SIEM (Security Information and Event Management)

Thorough understanding of the MITRE ATT&CK framework and hands-on practical experience using it.

Knowledge of Advanced Persistent Threat (APT) tactics, techniques, and procedures.

Extensive knowledge of security technologies such as IDS/IPS, DLP, proxies, WAF, EDR, anti-virus, sandboxing, network- and host-based firewalls, threat intelligence, penetration testing, etc.

Experience with SIEM technologies, including use case and playbook development, correlation, parsing, upgrades, and ongoing maintenance.

Advanced knowledge of Splunk - Enterprise Security

Understanding of attack activities such as network probing/scanning, DDoS, malicious code activity, etc.

Understanding of common network infrastructure devices such as routers and switches

Understanding of basic networking protocols such as TCP/IP, DNS, HTTP

Expert level knowledge in troubleshooting and resolving complex Splunk infrastructure issues

Strong knowledge of organization, technology controls, security, and risk issues

Strong consultation and communication skills and the ability to triage.

Excellent written and oral communications skills and ability to articulate and present information to senior executives, peers, all levels of technical staff, and stakeholders

Proven ability to quickly earn the trust of project sponsors and key stakeholders

Able to prioritize and execute tasks in a high-pressure environment

Ability to communicate at all levels with clarity and precision, both written and verbal.

Role Desirables

Preferred IT Industry certifications (Cisco, CISSP, CEH, Azure, Amazon AWS, Splunk, etc.)

Remote/WAH (Work At Home) requirements:

Must have the ability to provide high-speed DSL or cable modem service for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.

A minimum standard speed for optimal performance of 25x10 (25 Mbps download x 10 Mbps upload) is required.

Satellite and wireless Internet service is NOT allowed for this role.

A dedicated space free of ongoing interruptions, to protect member PHI / HIPAA information.

Scheduled Weekly Hours

40

Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our accessibility resources: https://www.humana.com/legal/accessibility-resources?source=Humana_Website.

Company info

Humana Inc.
Website: http://www.humana.com
