The cybersecurity architect is responsible for managing all aspects of the SIEM to include operations and maintenance for all lookup files, integrating security feeds, developing the alerting framework, developing the risk framework and the orchestration of all security devices. The role is also responsible for ensuring that data quality. DUTIES AND RESPONSIBILITIES: Installing or updating Security Incident & Event Management (SIEM) and Security Orchestration and Automated Response (SOAR) applications. Conduct development efforts to include queries to retrieve data, dashboards or alerts. Develop automated integration via Application Programming Interface (API) with other
judiciary security devices to monitor security feeds to ensure they are appropriately
populating events. Ensure that all new dataflows are appropriately modeled to their appropriate Common Information Model. Develop and maintain a QA framework that identifies large changes in data quality within the SIEM. Manage and improve the SIEM frameworks including Notable Event, Threat Intelligence, the
Risk Based Alerting, and Assets & Identity. REQUIRED SKILLS: Must have a minimum of 7 years of experience in managing and architecting a large Splunk environment. Must have a detailed understanding of and at least 3 years of experience with Splunk Enterprise Security
frameworks including: notable event, threat intelligence, risk, assets & identities. Must have at least 3 years of experience and extensive working knowledge of the Common Information Model (CIM). Must have a detailed understanding of all Splunk back-end configuration files. Must be proficient in Python programming. Experience developing system interconnects via API to include data exchange via XML and JSON. SUPERVISORY RESPONSIBILITIES: As assigned.
PHYSICAL REQUIREMENTS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Essential functions require light to moderate physical exertion in lifting and carrying items weighing from 10 to 50 pounds with occasional lifting over 50 pounds with assistance. The position requires long periods of standing, stooping, climbing and working in areas of operating equipment.
Work shall be performed throughout the buildings and some outside work may be required.
WORKING CONDITIONS: Work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This position is subjected to high level noises, fumes from solvents and soil from grease.
SUPERVISORY RESPONSIBILITIES: Coordinates, supervises, and/or manages support personnel.
ADDITIONAL QUALIFYING FACTORS: As a condition of employment, must pass a pre-employment drug screening, as well as have acceptable reference and background check results.
The Tatitlek Corporation gives hiring, promotion, training and retention preference to Tatitlek shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.
As an equal opportunity employer, The Tatitlek Corporation recognizes that our strength lies in our people. Discrimination and all unlawful harassment, including sexual harassment, in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment. We support and obey laws that prohibit discrimination everywhere we do business.
DOE
