The SIEM Engineer will be responsible for developing, implementing and administering all aspects of the AMLRS SIEM system. As part of the Information Security team, you'll ensure our monitoring adheres to our internal policies and aligns with industry-standard practice. This requires the ability to work independently, as well as in partnership with internal teams.
As part of the Information Security team, the SIEM engineer will be involved in risk assessments of AMLRS operations and identifying significant risks and mitigating factors as part of its Enterprise Risk Management Program.
- Administer and build out our global Splunk platform for both security and application sales
- Create dashboards, scheduled searches, and alerts based on requirements provided by the security department
- Add additional data sources to the Splunk platform as we continue to expand
- Conduct periodic audits of the SIEM to ensure rules and settings are sufficient and that they are working properly
- Help investigate any security-related alerts
- Relevant post-secondary education (e.g. STEM degree, IT/IS certifications)
- 3-5 years Splunk experience
- Ability to work with many different data sources
- Ability to work largely independently
- Splunk Cert/Sec+
- 6+ years of related work experience
- Prior SOC2 and/or ISO27001 experience as it relates to providing evidence
- Prior AWS, Azure, O365, and/or SaaS (cloud-based) experience