Consulting Engineer - Content Development Engineer
Area of Interest: Customer Experience
Who You’ll Work With:
You will work as part of the Cisco Professional Services Security team, delivering Security Operation Center (SOC) services for one of our strategic customers in Saudi Arabia. You will collaborate with the local onsite team and team leads dedicated to the customer (working Sunday to Thursday, 6 AM - 3 PM local time).
What You’ll Do:
- Work with the Cybersecurity Incident Response Team and Threat Intelligence Team to identify content improvements.
- Assist the Cybersecurity Incident Response Team and Threat Intelligence Team with searches by acting as an expert in Splunk Search Language.
- Provide input to the overall SIEM security services architecture and governance model.
- Provide technical oversight, standardization and validation of the effectiveness of SIEM content service.
- Participate in efforts to research, design and implement components in the SIEM content development space that are standards-based, high-performing, highly available and secure.
- Educate internal and external users of security technologies to continually improve the knowledge and skill-base of the organization on how best to operate and support the technology and security services.
- Support, implement and promote standard configuration and change management processes and practices.
- Responsible for architecture design, making sure systems are healthy and up and running.
Who You Are:
- Certified Information Systems Security Professional (CISSP)
- Experience with architecting, implementing, and operating Splunk or other big data platforms
- Experience with IDS, IPS, and SIEM appliance architecture, operations, and management (especially ArcSight and Splunk)
- Experience working in a globally distributed enterprise environment
- Experience with monitoring use case implementation methodologies
- Knowledge of Linux, Unix and Microsoft operating systems
- Knowledge of TCP/IP protocols
- Experience using regex (regular expressions) with a scripting language (*nix shells, Python, C++, Ruby, etc.)
- Excellent communication skills and problem-solving ability
- Troubleshooting skills and strong technical learning aptitude
- Previous experience specifically with Fidelis (EDR), Demisto (SOAR), Symantec (DLP), Anomali (Threat Intelligence) is an advantage.
We Are Cisco
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here’s how we do it.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (30 years strong!) and only about hardware, but we’re also a software company. And a security company. A blockchain company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!
But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA.) We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.