
GPS Consultant
2 weeks ago
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Global Professional Services Consultants are the technical lead for Professional Services engagements focused on the design, development, and implementation of Taegis solutions for Secureworks customers. We provide Customers with architecture and design plans to support the implementation and operation of the Secureworks Taegis platform and potential integration with other SIEM and SOAR platforms.
**Responsibilities**:
- Guide the design, development, and review of Moderate complexity Taegis Transitions & Deployments solutions and integrations.
- Analyze and identify areas of improvement with existing security operations processes, procedures and documentation.
- Assist with client transition and onboarding and serve as a primary SME point of contact for professional services (including Moderate & Complex Transition Services).
- Deliver hands-on Scenario-Based Workshops to Customers.
- Provide remote consulting services via interactive client sessions to assist with implementation of Taegis solutions.
- Lead the implementation of Secureworks Taegis solutions and related integrations for clients in large enterprise environments.
- Recommend, test, tune and implement Taegis use cases and rules.
- Identify false positives from alerting, and define processes and procedures for performing incident response, triage, incident analysis and remediation tasks.
- Create, modify, and update threat detection and response correlation rules, reports and dashboards.
- Deliver newly launched services consistent with role level capabilities.
**Skills**:
- Providing technical and process management guidance to customers.
- Consulting experience.
- Understanding of senior management requirements.
- Ability to multi-task and prioritize work.
- Deal with close deadlines for team related assignments.
- Assertive decision maker.
- Customer Peer and Management communication skills.
**Educational experience**:
Typically 5-8+ Years including Bachelor’s degree or equivalent experience:
- Knowledge of advanced threat detection use cases for a SIEM platform (e.g. Splunk, ArcSight, QRadar, LogRhythm)
- Prior consulting or customer-facing support experience highly preferred
- Prior experience administering SIEM platforms (e.g. Splunk, ArcSight, QRadar, LogRhythm)
- Experience using Python, APIs or other similar scripting languages to automate tasks and manipulate data (REST, GraphQL, RegEx (JSON, CEF, LEEF, etc.))
- Experience of Amazon Cloud and Web Services (AWS, Azure, etc.)
- Experience in endpoint detection and response (EDR) technologies (e.g. CrowdStrike, Carbon Black, etc.).
- CISSP, Linux+, Security+, CEH, MCSE, CCNA, SANS GIAC series and/or other certifications that demonstrate a commitment to continuous professional development
- Experience of SIEM "best practices" (e.g. Splunk, ArcSight, QRadar, LogRhythm)
- Prior experience developing use cases with one or more of the following SIEM platforms: Splunk, QRadar, ArcSight, McAfee ESM, LogRhythm, or RSA NetWitness
- Experience with common security controls (e.g., Firewalls, IDS, AD, Proxies, etc.)
- Experience investigating common types of attacks and security events
- Solid technical understanding of TCP/IP, SSL, Exploit kits, DNS, & network architecture
- Experience with (user and admin level) multiple operating systems (Windows 7/8/10/2012R2+, Linux CentOS/RHEL/Ubuntu)