Reference # 19-00167
Title User and Entity Behavior Analytics (UEBA) Administrator
Location Phoenix, ARIZONA
Position Type Contract
Experience Level Contract
Start Date / End Date 2019-04-01 00:00:00 --- 2019-09-30 00:00:00
Description
The successful candidate will possess deep technical knowledge of a number of security technologies, a solid understanding of information security and networking, and extensive experience interacting with customers. The UEBA Engineer is responsible for the delivery of client-specific UEBA management solutions. The UEBA Engineer serves as an escalation point for critical and complex client issues, performs configuration and testing of the service, assists with developing and documenting work processes, and trains other members of the team. The primary focus of this role is to act as a Subject Matter Expert for UEBA technology and to configure, manage, operate, and administer the state's UEBA solution.

User and Entity Behavior Analytics (UEBA) Responsibilities:

Responsible for lifecycle support in the areas of UEBA strategy, UEBA service delivery, and UEBA infrastructure support
Responsible for tuning out false positives and creating actionable reports for State of Arizona SOC and other stakeholders
Enrolling log sources, administration, filter content development
Working with UEBA customers and stakeholders across the State
Monitor the impact of deploying new content on the health and performance of the UEBA solution
Creation and improvement of UEBA security policies, processes and procedures, and other UEBA related documentation
Lead UEBA logging enrollments from multi-agency applications into the enterprise UEBA platform
Modify existing parsers, as well as implement and test custom parsers and log source extensions in order to capture and correlate events from non-standard log sources
Evaluate deployment to identify flaws and key areas for improvement in the effort to maintain an optimal UEBA operating environment
Comprehend UEBA error logs and act as escalation point for underlying event collection and correlation components
Test and train the Service Desk support team to deliver UEBA first level support
Generate metrics reports to include baseline activity, trends, common threats, and use the information to make recommendations for improvement

User and Entity Behavior Analytics (UEBA) Qualifications:

Bachelor's degree and at least 3 years of technology or other relevant industry experience. Emphasis on security operations, incident management, intrusion detection, and security event analysis.
2+ years of working experience with UEBA security technologies/vendors (such as Splunk, QRadar, and Exabeam)
Understanding of regular expressions (Regex) and Python scripting
Knowledge in the following areas is a plus: Perl and shell scripting, Docker, ELK, Hadoop
Ability to isolate problems between hardware and software and provide information to appropriate support team(s)
Highly developed, process-oriented skills for troubleshooting, problem-solving, and problem resolution
Must be able to work in a fast-paced technical environment and with sophisticated enterprise cyber-security solutions
Investigates, interprets, and responds to technical and complex IT data security issues