VMware SIEM Engineer - Opportunity for Working Remotely in Indianapolis, Indiana
This role is fully remote and can be done anywhere in the US.
The Detection Content Management team in the Threat Management organization is dedicated to onboarding and maintaining the content needed to enable effective detection and response for VMware’s critical systems, applications, and services. We onboard data from technologies in use at VMware to correlate multiple telemetry points and create high-quality alerting for detection and response. Guided by the latest threat research and intelligence, we provide support to deliver what VMware’s Detection and Response Team (DART) needs for the development of cutting edge threat detection for our applications and services.
As a SIEM Engineer on the Detection Content Management team, you will be responsible for driving the maturity of our SIEM platform (Splunk) and the onboarding of data for VMware’s Threat Management team. You’ll collaborate with our colleagues to help acquire the logs needed to develop high-quality threat detections that meet the needs of the business. You’ll build relationships with VMware’s internal teams in order to cement the strong security culture. You’ll also create detailed and interactive reporting to communicate our capabilities to business and executive stakeholders. While you’re working outwardly with our colleagues, you’ll also coordinate continuous improvements in our own capabilities.
If the above information excites and motivates you, we want to hear from you! Please read on and apply today.
This position is responsible for:
Actively engaging with detection and response analysts, threat hunters, and various service owners to ensure that the logs are being properly received and ingested into our Splunk environment and that relevant techniques and capabilities are being leveraged in their investigations
Development of Splunk dashboards and reports to drive time-savings, to demonstrate our capabilities, and to improve the overall usage of Splunk
Working with our threat hunting team to operationalize advanced hunting techniques into automated alerts for our analysts
Working on investigating, socializing, and deploying advanced capabilities, such as risk-based alerting and analytics, into our Splunk environment
Working with security engineers to deliver configurations to enhance our logs, and ensure they are CIM compliant
Participating in evaluating, recommending, implementing, and troubleshooting security tools
Developing and maintaining logging standards used across internal and customer facing services
Maintaining a high level of confidentiality.
Required skills and experience:
Three years of experience with Splunk, with a focus on advanced development and administration techniques
Strong understanding of threat analysis, incident response, and security methodologies, with direct experience as a security analyst or threat hunter being a major plus
Strong written and verbal communication skills
Strong technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, and packet inspection.
Ability to access a service and identify how components work together to understand the risks the service faces
Ability to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers
Ability to multitask across multiple engagements
Ability to work effectively as part of a team and independently with minimal supervision.
Bachelor’s degree or equivalent experience
Strong PCRE Regex and Splunk Search Processing Language knowledge a must
Certifications such as Splunk Core Certified Advanced Power User, CISSP, GIAC, GCIH, or similar a plus
“This job requisition is not eligible for employment-based immigration sponsored by VMware.”
Category : Engineering and Technology
Subcategory: Information Security
Experience: Manager and Professional
Full Time/ Part Time: Full Time
Posted Date: 2021-04-21
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.