- Salary: $100000 - $135000
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Optional Telecommute
As the leader of rehabilitative care, Encompass Health offers both facility-based and home-based patient care through its national network of rehabilitation hospitals, home health agencies, and hospice agencies that spans 42 states and Puerto Rico. Setting the standard for providing excellent care, Encompass Health has earned its place among Modern Healthcare’s “Best Places to Work in Healthcare” and the Fortune “World’s Most Admired Companies” for 2021.
As a Senior Security Engineer - SIEM Administrator for Encompass Health Corporation, you will be participating on a team of individuals supporting EHC architecture, security controls, and response capabilities. As a member of the Security team, you will provide support to the SOC and architecture team’s efforts to develop logging, detection, and response capabilities. This senior-level position is primarily responsible for the management and development of the EHC SIEM. The Senior Security Engineer - SIEM Administrator will be responsible for onboarding new data sources, managing data structures, and assisting the security team in developing detection and automating response capabilities.
• Minimum 2 years of experience in SIEM management, or large-scale cyber security data analytics.
• Associate’s or undergraduate degree related to computer science or information security recommended. Additional equivalent work experience may be substituted for the degree requirement.
• Strong understanding of Python and Unix shell scripting.
• Strong understanding of parsing and transforming event data with regex and custom log parsers in Logstash.
• Strong understanding of data lifecycle management and index optimization within Elasticsearch.
• Experience integrating security solutions in a multi-vendor environment.
• Experience managing data structures within Elasticsearch.
• Experience with message queuing software such as Redis or Kafka.
• Experience with virtualization and automation technologies such as Docker, Ansible or Vagrant.
• Experience building detection use cases for alerting and dashboards for analysis with Kibana.
• Experience building API integrations using Python.
• Experience with STIX/TAXII threat feed integrations.
• Experience with MISP threat sharing platform.