Cyber Security Engineer – SIEM/SOAR

Join Mizuho as a Cyber Security Engineer – SIEM/SOAR!

In this role you will be responsible for supporting Mizuho’s needs to support Cyber Security Monitoring and Incident Response automation. You will be expected to support these platforms via projects and various BAU activities. You should be experienced in developing actionable cyber security rules and effective automations. You must have experience and understanding of the data provided by security tools and other platforms to effectively manage cyber security functions. You must show aptitude in handling custom data sources and writing and adjusting log parsers. You should will be expected to gather requirements of detections and playbooks, outline the required steps to take, and deliver a complete solution with proper documentation. Additionally, there is an expectation to ensure compliance with regulatory requirements as Mizuho operates in a highly regulated industry.

Major Responsibilities:

• Support SIEM, SOAR
• Run and support projects related to improving the functionality of SIEM and SOAR platforms
• Support log life cycle management
• Maintain performance and support uptime of SIEM and SOAR platforms.
• Support platform integrations and data source onboarding
• Troubleshooting of reported issues with tools/platforms.
• Work within tools to support monitoring use cases
• Interface with vendors for support and information on products

Required Qualifications:

• Strong hands-on technical experience with SIEM (Splunk) and SOAR (XSOAR) tools mentioned in the job description.
• Experience with integrating various tools/data sources with SIEM/SOAR tools
• Experience developing custom integrations for unsupported data sources/tools
• Experience performing upgrades and deployment of SIEM/SOAR tools/components/apps/integrations
• Understanding of the Incident Response Lifecycle
• Experience developing detection engineering pipelines
• Experience developing SOAR playbooks from start to finish
• Experience collecting requirements from security analysts/IR teams
• Experience working supporting Servers/Appliances through VMware
• Understanding of DNS and IP networking
• Strong troubleshooting/root cause analysis skills
• Self-driven – ability to take requirements/tasks and complete independently
• Strong communication skills to report on risks to the organization and project commitments/deliverables
• Understanding of the Incident Response life cycle is required as engineering may serve as an escalation point for Security Operations.
• Working knowledge of Linux (RHEL) and Windows OSes required.
• Ability to script/code to aid automation required – preferably Python or PowerShell.
• High attention to detail.
• Educational background with BS/MS in Computer Science, Computer Engineering, Information Technology, Cyber Security, or similar
• 7+ years of experience in a similar or related position.

Additional Qualifications:

• Experience with the following tools are a plus:CrowdStrike EPPOther SIEMs/SOARsNetskope or other SASENext Gen FirewallsTenableExtraHop/Reveal(x)Cisco UmbrellaDUOLastPassJIRA, Gitlab, Ansible
• Experience working with the Financial Services Industry
• Previous experience in system/network administration, software development or desktop engineering a plus

Hybrid position in NYC/NJ. May be required to be on-call with a rotating schedule.

The expected base salary ranges from $111k,000 - $140,000. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, including Medical, Dental and 401K plans, successful candidates are also eligible to receive a discretionary bonus.

#LI-Hybrid

Other requirements

Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in-office requirements that will be communicated to you as part of the recruitment process.