We are seeking an experienced Senior Cybersecurity Engineer to join our Security Operations Center (SOC) team. The SOC provides 24x7 security operations monitoring for the Russell Investments environment. Your primary function will be to monitor and manage the performance of the SIEM as well as writing and editing detection rules and alerts. You’ll interact regularly with other members of the Cybersecurity team as well as other IT support teams.

Years of Experience

• Minimum 4 years’ experience in Cybersecurity with a focus on SIEM

Role Responsibilities

• Working alongside the Seattle based Cybersecurity team, configure, maintain, tune and enhancing the cloud based SIEM platform

• Regularly review and reconcile assets to ensure appropriate sources are being logged as required.

• Lead and/or participate in upgrade and maintenance projects

• Develop rules, dashboards, and reports

• Test and improve SIEM use cases

• Implement automation for process efficiencies

• Maintain documentation for SIEM and related systems

• Stay up to date with the latest cybersecurity news and trends, and provide insights and recommendations to enhance our security posture.

• Engage with various teams to expand your knowledge of the environment

• Research new and evolving threats that have the potential to impact the environment

• Serve on the incident response team for major or high-profile security incidents in tandem with external providers.

• Propose procedural updates and process improvements

• Act as escalation point for SOC analysts

Role Requirements

• Certifications such as CISSP and CEH are desirable

• Knowledge of cybersecurity principles, concepts, and practices

• Knowledge of networks, firewalls, and operating systems

• Strong analytical and problem solving skills, with the ability to collate and interpret data from various sources, assess complex security issues, and propose effective solutions.

• Experience with security incident detection and response

• Familiarity with security technologies, such as SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability scanners.

• Familiarity with industry standards and frameworks, such as NIST Cybersecurity Framework and ISO 27001.

• Experience working with SPL, Python, PowerShell, and other query/scripting languages

Special Requirements

• Occasional weekend and off-hours support

Core Values

• Strong interpersonal, oral, and written communication and collaboration skills

• Strong organizational skills including the ability to adapt to shifting priorities and meet frequent deadlines,

• Proactive approach to problem-solving with strong judgment and decision-making capability.

• Highly resourceful and collaborative team-player, with the ability to also be independently effective and exude initiative and a sense of urgency.

• Exemplifies our customer-focused, action-oriented, results-driven culture.

• Forward looking thinker, who actively seeks opportunities, has a desire for continuous learning, and proposes solutions.

• Ability to act with discretion and maintain complete confidentiality.

• Dedicated to the firm’s values of non-negotiable integrity, valuing our people, exceeding client expectations, and embracing intellectual curiosity and rigor.

Visit us: https://russellinvestments.com/us/careers