Location: Remote - California, United States
Job ID: R0019104
Date Posted: May 25, 2023
Segment: Others (Including Headquarters and R&D)
Business Unit: Hitachi Regional Headquarters
Company Name: HITACHI AMERICA, LTD.
Profession (Job Category): IT, Telecom & Internet
Job Type (Experience Level): Experienced
Job Schedule: Full time
Remote: Yes
Description
Information Security SOC Engineer
Company: Hitachi America Limited
Division: HAL Information Technology Group (ITG) – Supporting Information Security Team
Location: Santa Clara, California, Texas, Chicago, Remote
Status: Regular, Full-Time.
Company Overview:
Hitachi America, Ltd., located in Santa Clara, CA, is the U.S. Regional Headquarters (RHQ) for Hitachi, Ltd., based in Tokyo, Japan.
Position Summary:
Hitachi America, Ltd. (HAL) is currently seeking an Information Security SOC Engineer to join the HAL Information Security Team.
The SOC Engineer is a member of the HAL InfoSec AM Security Operation Center. You oversee the technical design, configuration, simulation, implementation and automation of Splunk Enterprise Security (Cloud) and Microsoft Defender Suite (Endpoint/Cloud/AV) capabilities, leveraging SOAR and AI/ML functionality to produce the next generation of SOC effectiveness and to provide a security capability for detecting and responding to evolving cyber threats. As technical lead for these technologies, you will be responsible for maintaining and updating the tools and systems that support the HAL AM SOC. You are a specialist who focuses on the security aspects of the design of SOC monitoring platforms (Splunk/Microsoft Defender Suite) and who creates solutions and tools that help the SOC deal robustly with disruption of operations or malicious attacks.
You must have deep knowledge and understanding of Splunk Enterprise Security (Cloud), Microsoft Defender Suite and Sentinel components; be skilled at onboarding, tuning, reporting and configuring SIEM solutions; and stay current on new threats and developing security standards. This includes updating documentation, Playbooks, Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs) for the SOC.
This opportunity requires ambition, drive, and a desire to build a best-in-class solution. The ideal candidate must possess 5+ years of experience in Information Security and 3 years of experience in Incident Management, Incident Response, SOC Analyst or SOC Engineer roles, endpoint (incl. server) security and network (incl. cloud) security. The ideal candidate should possess experience managing Microsoft Defender for Endpoint, Microsoft Defender for Cloud, Microsoft Sentinel and Splunk Enterprise Security: receiving and investigating daily alerts, overseeing and configuring security monitoring tools, supporting real security incidents and managing the testing of response plans. Strong written and verbal communication skills are required. Knowledge or experience of Splunk SOAR is a plus.
Job Responsibilities:
Co-architect and design the MDE security solution (sizing, planning, upgrades) and lead new implementations with the Global Security SOC team.
Co-architect security appliance solutions for MDE/Splunk and create an auditing and logging strategy.
Responsible for content management of HAL MDE/Splunk: create new rules, new use cases, reports, etc.
Actively monitor HAL infrastructure logs and manage MDE/Splunk alerts, separating alerts that require immediate action from those that do not.
Responsible for tuning all MDE/Splunk appliances to relevant alerting levels.
Open support tickets with vendors.
Manage parsers and prioritize issues.
Support the SIEM operating system, servers/hardware and storage.
Patch the SIEM application/add-ons and manage certificates.
Develop and maintain logging configuration standards and test them.
Lead Intake of Project/Application/Infrastructure Requirements
Lead Intake of New Data Sources
Manage Compliance Requirements Intake
Co-responsible for analyzing Cisco CES email events and KnowBe4 phishing and malware reports for relevant alerting levels.
Manage ingestion of Cyber Threat Intelligence over MDE/Splunk.
Support incident response and documentation as needed by the SOC analyst lead.
Support threat hunting and detection engineering on Splunk Enterprise Security and MDE to provide Threat Response services (IOC searches) that pinpoint affected systems and the extent of an attack.
Support testing Cybersecurity response plans.
Contribute to continuous improvement of SOC processes, tooling, and documentation.
Required Qualification and Skills:
The ideal candidate must meet the following qualifications:
Bachelor’s degree in Information Security, Information Systems, Computer Science, Engineering or a related field, or equivalent demonstrated work experience.
7 years of directly related experience in Information Security Management.
5 years of demonstrated IT Security experience in Incident Management, Incident Response, SOC Analyst or SOC Engineer roles, endpoint security (incl. server) and network security (incl. cloud).
3 years of understanding and knowledge of two or more of the following security-related technologies: Intrusion Prevention Systems, Web Proxies, SIEM, Firewalls, Web Application Scanners, Vulnerability Scanners, Malware Research Tools or Forensics Tools.
Basic Python knowledge and scripting experience.
Prior Security Analyst job experience in Splunk SIEM content management and content creation.
Prior Security Analyst job experience in Microsoft Defender for Endpoint, Microsoft Defender for Cloud and Microsoft Sentinel SIEM content management and content creation.
Exceptional organizational skills.
Strong, professional written and verbal communication skills.
Additional qualifications:
Relevant professional certifications, or working towards attainment of them, such as CISSP, GIAC GCIH, Network+, Security+, CySA+, Splunk or Microsoft certifications, etc.
For residents of New York City, New York, California, and Washington state only, as required under applicable pay transparency laws, the expected salary range for this position if filled remotely is $96,960 - $121,200. Pay is determined based on a variety of factors including, but not limited to, depth of experience in the practice area. Employees are eligible to participate in Hitachi America’s variable pay program, subject to the program’s conditions and restrictions.
For residents outside of New York City, New York, California, and Washington state, as required under applicable pay transparency laws, the expected salary range for this position if filled remotely is $82,416 - $103,020. Pay is determined based on a variety of factors including, but not limited to, depth of experience in the practice area. Employees are eligible to participate in Hitachi America’s variable pay program, subject to the program’s conditions and restrictions.
Equal Opportunity Employer (EOE)-Females/Minorities/Protected Veterans/Individuals with Disabilities
If you need a reasonable accommodation to apply for a job at Hitachi, please send the nature of your request and your contact information to [email protected]. Queries other than accommodation requests will not be responded to.