Staff Engineer II - Cyber

Location: Phoenix, AZ
Salary: Not Specified by Client
Description: Job Title:

Staff Engineer II - Cyber
Location:

Phoenix, Columbus or Irving
About the Job:

Western Alliance Bank's (WAB) Security Monitoring Center is dedicated to continuously monitoring our network and systems for suspicious activity, identifying potential security threats, investigating incidents, and responding swiftly to neutralize cyberattacks. Responsibilities include analyzing security alerts, conducting incident response, documenting findings, implementing mitigations, and reporting to stakeholders.
Key Responsibilities:

• Build, maintain, and support technologies for the Security Monitoring Center.
• Contribute to the development of a robust Insider Risk program.
• Collaborate with a team of talented engineers to achieve work objectives and deliverables.
• Challenge and be challenged on ideas to ensure the best solutions for WAB.
• Provide high-quality work documentation, including graphs, flow diagrams, engineering runbooks, and change procedures.

Requirements:

• Education: Bachelor's Degree in Cybersecurity, Computer Science, or related field from a 4-year college or university.
• Experience: Minimum of five (5) years in Information Technology, including:
  • Three (3) years in information security engineering, security risk and compliance management, security project management, security policy management, and other security practices.
  • Three (3) years using scripting techniques (Python, Powershell, Rest API, VB, Ruby, etc.) to automate tasks.
  • Two (2) years in evaluating, installing, configuring, and maintaining at least 2 of the following security tools: IDS, IPS, SIEM, DLP, Proxy, Firewall, Endpoint forensics, disk encryption, GRC, Vulnerability scanner, sandbox, SOAR.
  • Two (2) years administrating a SIEM (Elastic Stack SIEM is a plus).
  • Experience with interpreting and analyzing packet captures via Wireshark.
• Skills:
  • Solid understanding of logging infrastructure concepts (syslog, log parsing, log de-duping, log pulling methods, RFC 5424, CEF Format, JSON, key value pair format, log enrichment, log maintenance, log troubleshooting).
  • Demonstrative SIEM administration (Elastic Stack experience is a plus).
  • Demonstrative SOAR administration and playbook authoring (Palo Alto XSOAR experience is a plus).
  • Proficiency in Python, Powershell, and Bash.
  • Capable of operating entirely day-to-day on a Linux platform.
• Certifications: RHCSA, RHCSE, CCNA, Microsoft, Azure, AWS, VMWare, or related technology training or certifications are a plus. CISSP, CISA, CISM, GIAC, GCIH, Security+ or related certifications are a plus.

By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.

Contact:

This job and many more are available through The Judge Group. Please apply with us today!