Amkor Technology

Enabling The Future

Amkor is recruiting for a Staff Engineer in Information Security for its Tempe, AZ corporate office. This team member will have the opportunity to participate in high-impact projects on a global scale: evaluating, designing, implementing, managing, and supporting global security-focused controls and services, with emphasis on Security Information and Event Management (SIEM).

  • Assigned Subject Matter Expert for IBM QRadar
  • Deployment configuration and maintenance
  • Develop and manage network hierarchy for accurate flow directions
  • Work with asset owners to ensure timely & efficient collection of security events/logs from all sources
  • Maintain reference data tables
  • Integrate threat intelligence to enrich context around events/offenses
  • Tune existing and create/maintain new custom rules to decrease noise & enhance event correlation alert fidelity
  • Deploy and manage log collection agents
  • Manage & support multi-national SIEM data gateways running on Red Hat Enterprise Linux
  • Install and manage applications and content from X-Force Exchange
  • Train Security Operation Center members on new functionality
  • Provide Tier 3 technical support on all related security issues
  • Evangelize security within the company and be an advocate for partner/customer trust
  • Support security project implementations from a technical perspective
  • Interact with engineering teams regarding attack mitigation & remediation
  • Establish a global practice for threat hunting utilizing QRadar
  • Develop and maintain shared queries, dashboards, and key performance indicators
  • Develop security standards, policies, and procedures

QUALIFICATIONS:

The ideal candidate will have 7+ years of experience within Information Security, with a minimum of 4 years of direct experience. Bachelor of Science degree; multiple disciplines considered, and relevant experience in lieu of a degree may be considered.

In-depth and demonstrated knowledge of enterprise security models/protocols/solutions in areas such as:

  • QRadar rule tuning, custom DSM creation, log source management, Ariel Query Language
  • Log formats for AD/DNS/DHCP/LDAP/VPN/SSO/Email/Firewalls/Endpoints/Servers/Threat Detection
  • User Behavioral Analytics (UBA)
  • Scripting languages such as Python and PowerShell
  • Forensics and toolsets such as Wireshark, PCAP, TCPdump
  • Log collection methodologies & aggregation techniques such as Syslog-NG, rsyslog, Nxlog, Windows Event Forwarding
  • Sysmon & WinCollect event forwarders
  • MITRE ATT&CK matrices and kill chains
  • Incident Response
  • Certifications such as CCSP / CEH / GIAC / CISSP
  • Demonstrated and efficient project management skills
  • Previous multi-national company experience with the ability to work with global teams
  • Successful leadership and management experience is highly desired