Lead SIEM Engineer(virtual remote)
Posted on: November 26, 2022
Description
Threat Management and Response supports Humana's value proposition by providing strategic guidance and support for Enterprise Information Protection (EIP), IT and business clients. As a Lead SIEM Engineer, you will play a critical role in Security Operations by enabling active cyber monitoring capability for critical platforms and applications. You will help build a single-pane view for security monitoring by adopting use-case-driven log ingestion into the SIEM and by enabling and optimizing active detections and content. You will assist on multiple security and IT initiatives, which will encompass providing direct influence to multiple project team members, vendors and the implementation of security monitoring.
Responsibilities
Key Responsibilities:
- Engineer SIEM solutions to support Humana's Threat
Intelligence, Detection Engineering, Threat Hunting, Adversary
Emulation, and Response teams.
- Adopt a use-case-driven mindset (such as MaGMa) to gather requirements, conduct analysis, and develop/deploy threat detection content and investigation workflows for security operations.
- Enable, tune, and document SIEM content/notables to facilitate
various security operations teams.
- Able to prioritize work using the MITRE ATT&CK framework.
- Create and maintain the ATT&CK dashboards to show the
- Develop, implement and maintain solutions for automated threat
detection, behavioral analytics, risk-based alerting.
- Knowledge of SIEM technologies including UEBA and SOAR.
- Hands on administration of Splunk Enterprise Security.
- The know-how to research, maintain and support the applications and add-ons that the SIEM capabilities of TMR solutions depend on.
- Work collaboratively with the platform teams as they onboard
logs needed for the security monitoring use cases in Splunk,
analyzing the data for parsing to make it CIM compliant.
- Develop and manage data model and ensure proper support for the
- Ensure the SIEM solution is healthy and fully optimized.
- Provide support when needed by the Security Incident response,
Threat hunting and Threat intel teams
- Support the Public Cloud initiatives from Security Operations
point of view. Review new cloud service implementations at Humana
on a regular basis for impacts to security operations.
- Provide daily, ongoing operational support of SIEM, to include
the security impact of proposed modifications, additions, and
technology implementation/refresh operations.
- Maintain knowledge of industry trends in the threat landscape and translate them to the SIEM engineering function to help protect Humana's cyber assets.
- Thoroughly understand software installations, systems
monitoring and troubleshooting, account management, and overall
efforts to ensure uninterrupted log ingestions and threat
- Think creatively to discover and support automation
- Accountability : Meets established expectations and takes
responsibility for achieving results; encourages others to do the
same. Employs focus, attention to detail, reliability, and
appropriate prioritization to drive outcomes. Sees opportunities to
contribute and takes the initiative to create solutions.
- Builds Trust : Consistently models and inspires high levels of
integrity in decisions, speech, and actions. Lives up to
commitments, taking responsibility for the impact of one's actions.
Exercises the courage to prioritize principles and values over
personal or professional gain.
- Influence & Collaborate : Engages others by gathering multiple
views and being open to diverse perspectives, focusing on a shared
purpose that puts Humana's overall success first. Develops and
strengthens networks and relationships, both inside and outside the
organization, that support company performance. Proactively and
transparently contributes information and energy toward creating
value with others.
- Customer Focus : Connects meaningfully with customers to build emotional engagement and customer advocacy. Develops and applies deep customer knowledge and intimacy to develop and deliver products, services, and interactions that provide value beyond expectations. Simplifies complexity and integrates internal efforts to deliver an optimal customer experience.
Role Essentials
- Bachelor's Degree in Computer Science, Information Technology,
or equivalent experience
- Expert level knowledge of SIEM (Security Information and Event
- Thorough understanding of the MITRE ATT&CK framework and hands-on practical experience using it.
- Knowledge of Advanced Persistent Threat (APT) tactics, techniques, and procedures
- Extensive knowledge in security technologies such as: IDS/IPS,
DLP, Proxy, WAF, EDR, Anti-Virus, Sandboxing, network- and host-
based firewalls, Threat Intelligence, Penetration Testing,
- Experience with SIEM technologies including Use Case and
playbook development, correlation, parsing, upgrades, and ongoing
- Advanced knowledge of Splunk - Enterprise Security
- Understanding of attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
- Understanding of common network infrastructure devices such as
routers and switches
- Understanding of basic networking protocols such as TCP/IP,
- Expert level knowledge in troubleshooting and resolving complex
Splunk infrastructure issues
- Strong knowledge of organization, technology controls,
security, and risk issues
- Strong consultation, communication skills and ability to
- Excellent written and oral communications skills and ability to
articulate and present information to senior executives, peers, all
levels of technical staff, and stakeholders
- Proven ability to quickly earn the trust of project sponsors
and key stakeholders
- Able to prioritize and execute tasks in a high-pressure
- Ability to communicate at all levels with clarity and precision, both written and verbal
Role Desirables
- Preferred IT Industry certifications (Cisco, CISSP, CEH, Azure,
Amazon AWS, Splunk, etc.)
- Knowledge of Azure Sentinel
Scheduled Weekly Hours: 40
Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our