BNY is seeking a SIEM Engineer to improve threat visibility, fine-tune detection rules, and develop dashboards that provide actionable insights into security threats and operational risks.
Requirements
Experience in SIEM engineering, cybersecurity operations, or data analytics.
Strong hands-on experience with Securonix SIEM, including rule creation, log ingestion, and dashboard development.
Proficiency in SQL, Python, Splunk, Elastic Stack, or other data analytics tools.
Experience with threat detection techniques, behavioral analytics, and machine learning in security.
Familiarity with cloud security monitoring (AWS, Azure, GCP) and integration with SIEM solutions.
Knowledge of MITRE ATT&CK, UEBA (User Entity Behavior Analytics), insider threat detection, and fraud prevention.
Strong understanding of log management, data correlation, and incident response frameworks.
Responsibilities
Configure, deploy, and maintain the Securonix SIEM platform to support security monitoring and threat detection.
Develop and fine-tune correlation rules, use cases, and behavioral analytics to identify insider threats, fraud, and advanced cyber threats.
Manage log ingestion pipelines and optimize data collection from various sources, including network logs, endpoint data, cloud platforms, and identity systems.
Troubleshoot performance issues, integrations, and data processing pipelines within Securonix.
Develop data models, analytics dashboards, and reports to enhance security monitoring and forensic investigations.
Leverage machine learning techniques and statistical analysis to detect anomalies and insider threats.
Integrate Securonix with threat intelligence platforms to enhance detection and correlation capabilities.
Other
Bachelor's degree in computer science or a related discipline, or equivalent work experience, required; advanced degree preferred.
8-10 years of experience in information security or a related technology field required; experience in the securities or financial services industry is a plus.
Ability to work with large datasets and build predictive models for security insights.
Strong understanding of regulatory requirements (e.g., NIST, PCI DSS).
Ability to provide professional support for major components of the company's information security infrastructure.