
SIEM Engineer - Opportunity for Working Remotely

Primary Location: Columbus, Ohio


Additional Location(s):


This role is fully remote and can be done anywhere in the US.

The Detection Content Management team in the Threat Management organization is dedicated to onboarding and maintaining the content needed to enable effective detection and response for VMware’s critical systems, applications, and services. We onboard data from technologies in use at VMware to correlate multiple telemetry points and create high-quality alerting for detection and response. Guided by the latest threat research and intelligence, we provide support to deliver what VMware’s Detection and Response Team (DART) needs for the development of cutting-edge threat detection for our applications and services.

As a SIEM Engineer on the Detection Content Management team, you will be responsible for driving the maturity of our SIEM platform (Splunk) and the onboarding of data for VMware’s Threat Management team. You’ll collaborate with our colleagues to help acquire the logs needed to develop high-quality threat detections that meet the needs of the business. You’ll build relationships with VMware’s internal teams in order to cement the strong security culture. You’ll also create detailed and interactive reporting to communicate our capabilities to business and executive stakeholders. While you’re working outwardly with our colleagues, you’ll also coordinate continuous improvements in our own capabilities.

If the above information excites and motivates you, we want to hear from you!  Please read on and apply today.

This position is responsible for:

  • Actively engaging with detection and response analysts, threat hunters, and various service owners to ensure that the logs are being properly received and ingested into our Splunk environment and that relevant techniques and capabilities are being leveraged in their investigations

  • Development of Splunk dashboards and reports to drive time-savings, to demonstrate our capabilities, and to improve the overall usage of Splunk

  • Working with our threat hunting team to operationalize advanced hunting techniques into automated alerts for our analysts

  • Working on investigating, socializing, and deploying advanced capabilities, such as risk-based alerting and analytics, into our Splunk environment

  • Working with security engineers to deliver configurations to enhance our logs, and ensure they are CIM compliant

  • Participating in evaluating, recommending, implementing, and troubleshooting security tools

  • Developing and maintaining logging standards used across internal and customer-facing services

  • Maintaining a high level of confidentiality.

Required skills and experience:

  • Three years of experience with Splunk, with a focus on advanced development and administration techniques

  • Strong understanding of threat analysis, incident response, and security methodologies, with direct experience as a security analyst or threat hunter being a major plus

  • Strong written and verbal communication skills

  • Strong technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, and packet inspection. 

  • Ability to access a service and identify how components work together to understand the risks the service faces

  • Ability to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers

  • Ability to multitask across multiple engagements

  • Ability to work effectively as part of a team and independently with minimal supervision.

Desired skills/experience/certifications

  • Bachelor’s degree or equivalent experience

  • Strong PCRE Regex and Splunk Search Processing Language knowledge a must

  • Certifications such as Splunk Core Certified Advanced Power User, CISSP, GIAC, GCIH, or similar a plus

“This job requisition is not eligible for employment-based immigration sponsored by VMware.” 


Category : Engineering and Technology
Subcategory: Information Security
Experience: Manager and Professional
Full Time/ Part Time: Full Time
Posted Date: 2021-04-21



VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.

Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.

Job ID: R2107144