Fiserv Security Monitoring Systems Engineer in Alpharetta, Georgia

Position Description

SECURITY MONITORING SYSTEMS ENGINEER

What does a great Security Monitoring Systems Engineer do for Fiserv?

Reporting to the Director, Security Monitoring Center (SMC), the Security Monitoring Systems Engineer will provide operational oversight and technical support for logging and monitoring security technologies in the enterprise environment.

You'll be responsible for configuration and administration of existing security monitoring technology and will also serve as an authoritative escalation point for security event analysis and security monitoring system operational issues. This position is also a key consultant regarding the security controls in the environment, and works closely with other IT and business teams. You'll ensure comprehensive and consistent monitoring of security within Fiserv’s IT infrastructure and general business processes following the Enterprise information security policy and standards as well as other applicable standards and security standard methodologies (i.e. GLBA, PCI, ISO27001).

You'll use your extensive experience with Security Incident Event Manager (SIEM) technologies, with focus on ArcSight experience and working knowledge of Splunk.

YOU'RE THE KIND OF PERSON WHO ENJOYS:

  • Coordinating and conducting security event collection using a log management tool, initiating event management, improving compliance automation, and leveraging identity monitoring activities.

  • Working closely with the Security Systems Engineering lead to build, run and develop monitoring content for enterprise SIEM systems.

  • Leading the workflow of security events to the appropriate business unit or corporate group.

  • Working with the Fiserv business units, corporate functions, and security and risk personnel.

  • Building and managing asset models that support event data separation.

  • Managing SIEM content in ArcSight Enterprise Security Manager within the corporate change management system.

  • Providing technical administration services for the Security Incident Event Manager (SIEM) solution.

  • Working closely with IT resources to assist with the development of custom connectors (Agents) for application security logs.

  • Supporting the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, dashboards, searches, trends, reports, and responses using ArcSight ESM to support security monitoring, analysis and reporting.

  • Developing reports on the ArcSight logger to support business group needs and monitoring center needs.

  • Advising senior leadership on SIEM content, SIEM architecture and best practices.

  • Modifying configuration files (internal system).

  • Providing optimization of data flow using aggregation, filters, etc.

  • Tuning SIEM performance and event data quality to maximize system efficiency.

  • Collaborating with IT resources on solving problems and configuring networking devices, various platforms, and databases (Oracle) to appropriately log security events.

  • Assisting desktop services to install ArcSight connectors as needed.

  • Acting as SME for all questions related to the ArcSight SIEM implementation.

  • Conducting life-cycle management of the ArcSight ESM including coordination and planning of upgrades, new deployments, and maintaining current operational data flows.

  • Providing actionable and dedicated engineering plans to management to support ever-increasing availability, capacity, and capability requirements of ESM and infrastructure.

  • Supporting the onboarding and training of Security Event Administration staff as needed and providing ongoing ArcSight guidance to the Security Event Administration staff.

  • Facilitating, coordinating, and performing upgrades and patches of the ArcSight Enterprise Security Monitoring Application.

REQUIRED QUALIFICATIONS FOR CONSIDERATION:

  • Minimum of 5 years of professional IT security experience.

  • Detailed understanding of network architectures and services (routing, switching, web, DNS, email).

  • Experience with ArcSight or a similar system for content development for monitoring and alerting on critical security events in the Fiserv network.

  • Proficient in the technology, administration, configuration, and troubleshooting of infrastructure components to include connectors (agents), loggers, and ESM.

  • Demonstrable experience designing and implementing new use cases, as well as assessing and optimizing existing use cases.

  • Possess excellent customer service skills – able to describe previous experiences demonstrating responsiveness, attention to detail, commitment to quality, and persistence in resolving customer issues.

  • Partner with Fiserv teams to build systems that would feed into one master monitoring console.

  • Proficient technical writing skills to generate systems documentation, SMC procedures, and externally-facing communications.

  • In-depth, hands-on experience with security features and system administration of Linux, UNIX, and Windows operating systems.

  • Expert understanding of security vulnerabilities in operating systems and web and application servers, including knowledge of remediation procedures.

  • Expert understanding of attack activities (address/port scans, man in the middle, sniffing, DoS, DDoS) and the technical aspects of malware such as worms, Trojans, and viruses.

  • Extensive experience with security technologies including firewalls, IDS, logging and monitoring tools, data loss prevention, and anti-virus systems, with specific knowledge of security-related event notifications and log entries generated within these technologies.

  • Good communication, analytical, and problem-solving skills.

  • Strong work ethic that demonstrates self-initiative, discretion, and ability to meet challenges head on.

  • Solid character references given the sensitivity of the role.

EDUCATION:

Bachelor's or Master's of Science in Information Security, Computer Science, Risk Management, Information Technology, Engineering, or Mathematics, or a high school diploma with equivalent relevant experience.

Preferred Qualifications For Consideration:

Perl, Python, and REST API scripting experience is nice to have.

Travel - 0%

ABOUT US:

Find Your Forward at Fiserv, a FORTUNE™ 500 company, and join the industry leader in financial services technology. With more than 23,000 associates around the world, we're pushing the boundaries of what's possible with deep expertise and a commitment to innovation.

At Fiserv, you'll find a collaborative environment that values teamwork and open-mindedness. Our unique combination of expertise and innovative spirit helps us deliver the most comprehensive financial solutions to banks and businesses worldwide. We're helping more businesses move money faster and more easily than ever before. Explore the possibilities of a career with Fiserv and Find Your Forward with us.

Fiserv is an Equal Opportunity Employer/Disability/Vet. Visit http://www.careers.fiserv.com/eeo for more information.