Deployment and Integration - SOAR/SIEM Consultant - Mandiant Dallas, TX

Listing Description


Job Description

The Deployment and Integration – SOAR/SIEM Consultant is responsible for enabling FireEye customers to protect their networks, systems, and data using FireEye technology to combat advanced attackers. As such, you will work with customers directly and assist them in building defensive, highly customized security playbooks using the FireEye Security Orchestrator and in implementing specific use cases in FireEye Helix. This role is highly detail-oriented and will require hands-on knowledge of programming languages, APIs and integrations.

What You Will Do:

  • Design, build and maintain efficient, reusable and reliable Security Automations for security operations centers around the world
  • Onboard data sources in FireEye Helix and design and build rules and dashboards to implement customer use cases
  • Create detailed technical process documentation
  • Manage and lead projects with direct customer interaction
  • Work with strategic customer accounts on product related consulting services
  • Review API documentation and connect third-party services to FireEye products
  • Provide deployment and configuration services for the FireEye suite of products
  • Integrate FireEye security solutions with other security products in the customer’s network
  • Support regional sales staff on in-depth technical consulting services
  • Maintain current knowledge of tools and best practices for combating advanced persistent threats, including attackers' tools, techniques, and procedures (TTPs) and the tools and processes for forensics and incident response

Qualifications

Requirements:

  • 1+ years in a security consulting environment
  • 2+ years of hands-on experience with scripting languages such as JavaScript and Python
  • 2 to 5 years’ experience in network security
  • Working knowledge of version control systems like Git
  • Familiarity with at least one query language like SQL, MySQL, SPL, etc.
  • Experience working with REST and other third-party API integrations
  • General understanding of security infrastructure and related technologies (proxies, firewalls, email filtering technologies, and network intrusion detection systems) 
  • Experience with virtualized environments like VMware or VirtualBox
  • Experience with cloud providers such as Microsoft Azure, AWS, and GCP, nice to have
  • Ability to use ticketing systems like ServiceNow and JIRA
  • Experience and knowledge of network protocols, packet flow, TCP and UDP traffic
  • Experience with FireEye security products, highly desired
  • SOC consulting experience, highly desired
  • Experience configuring, managing, and using one or more SIEM / SOAR products, highly desired
  • Experience with Microsoft Sentinel, highly desired

Additional Qualifications

  • Excellent communication and presentation skills, with the ability to present to a variety of internal and external audiences
  • Ability to handle multiple projects with limited oversight from project managers
  • Ability to build strong client relationships and to interact effectively at all levels of the customer’s organization, including senior executives
  • Ability to set and manage expectations with senior stakeholders and team members
  • Must be willing to travel 50%

Additional Information

Company Benefits:

We work hard to embrace diversity and inclusion and encourage everyone at Trellix to bring their authentic selves to work every day. 

We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

  • Pension and Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement

We're serious about our commitment to diversity, which is why Trellix prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Mandiant (formerly FireEye) has announced the sale of its Products business to Symphony Technology Group. Learn more about the sale here: https://www.fireeye.com/company/press-releases/2021/fireeye-announces-sale-of-fireeye-products-business-to-symphony-technology-group.html. This position will be part of the FireEye Security organization under the purchasing company. Our new company's security portfolio protects customers across endpoints, infrastructure, applications, and in the cloud. We will accelerate efforts to develop an integrated security platform powered by artificial intelligence and automation for superior threat detection and prevention.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided
  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Full Telecommute



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.
