Principal Sentinel Engineer

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

The Principal Sentinel Engineer is a part of our Advanced Security Operations Center within Verizon’s Managed Security Services team. This role is designed to provide senior level leadership for the design, engineering, and implementation of security event data collection for our managed security service customers related to incident response, threat monitoring, threat intelligence, and operations across the Sentinel SIEM. You will be engaged in work related to data identification, assessment, ingestion, normalization and enrichment activities required for Verizon’s Advanced Security Operations Center to perform proper detection and analytics of cyber threats and response.

• Lead and perform the content development within the SIEM Platform which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics such as SLA and KPI reports and log source configuration.
• Threat hunting and independent threat research to augment and feed custom use case creation.
• Work with the customer to incorporate asset landscape details, severity threats campaigns, and data breaches, as well as perform impact and exposure assessments relative to the customer.
• Act as an escalation point for the Security Analysts to assist and advise on the most complex security threat investigations.
• Support and consult vendors and customers to assist in implementing sound and secure logging practices while interfacing with customers in support of their logging requirements.
• Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform.
• Determine and report the accomplishments of project initiatives across stakeholder groups, providing consulting and guidance on how to drive business results from the data available.
• Review and enhance logging information flow strategies and technical information flow required for log onboarding; create the work plan required for logging onboarding to include determining the technical details.
• Mentor and support SOC Analysts Tier 1-3.

Where you'll be working:

In this hybrid role, this position is primarily work from home, with some days that may be required to be worked in the office.

What we’re looking for...

You'll need to have:

• Bachelor’s degree or four or more years of work experience.
• Six or more years of relevant work experience as a SIEM / SEMEngineer with experience creating custom use cases, dashboards, and reporting.
• Six or more years of experience as a SIEM / SEMEngineer and Content Developer, especially for Splunk ES, QRadar, Sentinel, Sumo Logic, Chronicle, Sentinel etc.
• Experience with Azure Sentinel
• SIEM administration, configuration, optimization experience.
• Threat hunting experience.
• Experience with Linux command line.
• Experience with regular expressions and data normalization.

Even better if you have:

• Master's degree in information security, cyber security, computer science or a related field.
• Other SIEM experience.
• Experience with SIEM Logs and as a Network Certified Administrator.
• Strong interpersonal skills and collaborative style to enable success across multiple partners.
• Experience working in a Security Operation Center environment.
• Cloud experience.
• Capability to clearly and succinctly explain highly complex issues to senior executives.
• Strong communication and presentation skills along with the ability to handle multiple priorities in a fast paced dynamic environment.
• Experience preparing and delivering presentations to peers or senior executives.
• Ability to negotiate, when warranted, in order to work with other teams.
• Ability to grasp and assess “big picture” issues and bring them to light in order to foster positive change for a more robust data ingestion platform and process.

22CyberOPS

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons).