
Description
Job Seekers can review the Job Applicant Privacy Policy by clicking here (http://ryder.com/job-applicant-privacy-policy) .
Job Description:
Summary
The Security Operations Center (SOC) Engineer Role is designed to provide senior level leadership for the design, engineering, and implementation of the security event data collection for the Enterprise Information Security organization related to incident response, threat monitoring, threat intelligence, and operations across SIEM platforms. This Role will be engaged in work related to data identification, assessment, ingestion, normalization and enrichment activities required for Ryder's Security Operations Center to perform proper detection and analytics of cyber threats and response. The role also provides proactive and preventive analysis of systems through product-specific SIEM tools and ancillary solutions used in security. The role also ensures SIEM solutions aid in the output of metrics to senior management to help maintain a safe and secure enterprise technical operation. Daily, the engineer ensures SIEM solutions are healthy, maintaining integrity and performing optimally, and that capacity keeps up with demand as well as managing and optimizing security infrastructure, including robust monitoring, effective alerting, automation, comprehensive reporting, and hands-on system administration. To be successful, a solid understanding of and practical hands-on experience with security principles, host configurations and networking is required.
Essential Functions
- Serve as the SOC engineer for SIEM design, related components, and the confidentiality, integrity, and availability (CIA) of logs.
- Implement and manage automated alerting systems to ensure timely detection and response to potential security incidents, enabling proactive mitigation efforts.
- Oversee the management and maintenance of security systems, ensuring proper configuration, regular updates, and seamless integration into the organization's broader security infrastructure. This includes the continual evaluation of system performance and effectiveness.
- Maintain and manage a variety of security tools and hardware, ensuring their optimal performance, availability, and configuration. This includes routine hardware upkeep, troubleshooting technical issues, and software updates to align with industry standards and emerging technological advancements.
- Integrate threat intelligence into operational frameworks to enhance detection capabilities. This involves analyzing external intelligence sources, correlating them with internal data, and adapting defense strategies based on insights.
- Lead and perform the content development within the SIEM platform, which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics such as SLA and KPI reports, and log source configuration.
- Leverage SOAR (Security Orchestration, Automation, and Response) technologies to streamline and automate incident response workflows, reducing reaction times and improving operational efficiency.
- Review and enhance logging information flow strategies and technical information flow required for log onboarding; create the work plan required for logging onboarding to include determining the technical details.
- Help correlate events to support SOC response requirements.
Additional Responsibilities
- Be readily available for incident response, forensic, troubleshooting and security issues requiring event details.
- Support SOC automation initiatives leveraging playbooks, while also using human analysis as needed.
- Actively engage in security projects across the business to implement event and logging requirements.
- Actively participate in threat hunting tabletop exercises to hone and strengthen skills across the team.
- Maintain up-to-date level of knowledge related to security threats, vulnerabilities and mitigations set forth to reduce attack surface.
- Openly support the CISO, management team and executive leadership, even during tumultuous times.
- Support SOC Analysts, Tiers 1-3.
- Act as an escalation point for the security Analysts to assist and advise on the most complex security threat investigations.
- Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform.
- Perform other duties as assigned.
Skills and Abilities
- Strong communication skills, enabling effective collaboration across various departments and clear articulation of findings and recommendations. (Required)
- Ability to analyze event and incident logs and work with SOC and IR teams to assess security events related to malware, vulnerabilities, exploits and kill chain methodology. (Required)
- Ability to interface with threat intelligence platforms and SOAR solutions to centralize and manage incidents and remediation workflow. (Required)
- Excellent organizational and time-management skills to navigate and prioritize multiple security tasks simultaneously while maintaining focus on key objectives. (Required)
- Ability to liaise across teams to conduct tabletop exercises for security incidents and events. (Required)
- Ability to grasp and assess "big picture" issues and bring them to light to foster positive change for a more robust data ingestion platform and process. (Required)
- Strong project management, multitasking and organizational skills. (Required)
- Capable of working with diverse teams and promoting a positive enterprise-wide security culture. (Required)
- Highly organized, efficient self-starter requiring minimal supervision. (Required)
Qualifications
- Bachelor's Degree in Computer Science or 4+ years as a Cyber Security/SOC Engineer. (Required)
- 4 years or more of Cybersecurity or information technology practitioner experience. (Required)
- 4 years or more of experience configuring log data collection, enrichment, deployment and integration. (Preferred)
- 4 years or more of experience operating in a Security Operations Center (SOC) and incident response environment. (Preferred)
- Knowledgeable of and hands-on experience with supporting intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint solutions, data loss prevention (DLP), Active Directory (AD) and application security. (Intermediate, Required)
- Advanced knowledge of operating system configuration (Windows, Unix, Linux) and networking (DNS, DHCP, routing protocols). (Intermediate, Required)
- Strong understanding of key performance indicators (KPIs) and service-level agreements (SLAs) attributed to security and business objectives for key stakeholders. (Advanced, Required)
- Experienced with one or more scripting languages (e.g., Python, PowerShell, Bash, etc.). (Intermediate, Preferred)
- Experience preparing and delivering presentations to peers or senior executives. (Intermediate, Required)
- Information Risk, Privacy, or Security Certification (CISSP, CCSK, CCSP, PCSM), 1 year. (Required)
Travel
- Yes, 0-10%
Job Category: Information Security
Compensation Information:
The compensation offered to a candidate may be influenced by a variety of factors, including the candidate's relevant experience; education, including relevant degrees or certifications; work location; market data/ranges; internal equity; internal salary ranges; etc. The position may also be eligible to receive an annual bonus, commission, and/or long-term incentive plan based on the level and/or type. Compensation ranges for the position are below:
Pay Type:
Salaried
Minimum Pay Range:
$90,000.00
Maximum Pay Range:
$110,000.00
Benefits Information:
For all full-time positions only: Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax-advantaged 401(k) retirement savings plan.
Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace.
All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability.
Important Note:
Some positions require additional screening that may include employment and education verification; motor vehicle records check and a road test; and/or badging or background requirements of the customer to which you are assigned.
Security Notice for Applicants:
Ryder will only communicate with an applicant directly from a [@ryder.com] email address and will never conduct an interview online through a chat type forum, messaging app (such as WhatsApp or Telegram), or via an online questionnaire. During an interview, Ryder will never ask for any form of payment or banking details and will never solicit personal information outside of the formal submitted application through www.ryder.com/careers.
Should you have any questions regarding the application process or to verify the legitimacy of an interview or Ryder representative, please contact Ryder at careers@ryder.com or 800-793-3754.
Current Employees:
If you are a current employee at Ryder, please click here (http://wd5.myworkday.com/ryder/d/task/1422$3.htmld) to log in to Workday to apply using the internal application process.