Sr Analyst, IT
Baxter provides a broad portfolio of essential renal and hospital products, including home, acute and in-Centre dialysis; sterile IV solutions; infusion systems and devices; parenteral nutrition; surgery products and anesthetics; and pharmacy automation, software and services. The company’s global footprint and the critical nature of its products and services play a key role in expanding access to healthcare in emerging and developed countries. Baxter’s employees worldwide are building upon the company’s rich heritage of medical breakthroughs to advance the next generation of healthcare innovations that enable patient care.
The SIEM Engineer works in Baxter’s Security Operations team. The employee will be responsible for managing and maintaining the Splunk ES product in support of security monitoring, incident response, threat intelligence, and threat hunting programs. Experience and knowledge of SIEM products and their use in support of continuous monitoring activities is essential. The SIEM Engineer will work closely with management, architects, and other engineers to complete high profile, critical services in support of Baxter’s Security Operations program. The role will serve as a primary responder for the SIEM systems, taking ownership of configuration issues and tracking through resolution.
- This role will work with other internal Splunk resources in order to onboard log sources with relevance to security activities.
- This will require documentation of governance processes and responsibility for report generation and notification to senior leadership about potential client Service Level Agreement (SLA) issues.
- Explain and demonstrate how to use SIEM and Enterprise Security products to both technical and relatively non-technical personnel.
- Implement and configure SIEM software and appliance-based products in a large, international enterprise.
- Develop and deploy SIEM content and reporting.
- Perform knowledge transfers and train other parts of the Security Operations team regarding security and system configuration.
A Career That Matters
Baxter’s employees are united in a mission to save and sustain lives. We are passionate about applying scientific innovation to meet the needs of the millions of people worldwide who depend on our medically necessary therapies and technologies. We focus on increasing access to healthcare, innovating in crucial areas of unmet need, and pursuing creative collaborations that bring our mission to life for patients every day.
Equal Employment Opportunity
Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, disability/handicap status or any other legally protected characteristic.
- 3+ years professional experience managing and maintaining SIEM systems.
- 2-3 years professional experience working with networks and network architecture.
- 1+ year professional experience writing SIEM content.
- College degree or equivalent training with relevant experience
- Advanced information security knowledge in one or more areas such as: Enterprise end-point security products (i.e. McAfee e-Policy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption, etc.); Security Information and Event Manager (SIEM), to include: NitroSecurity, ArcSight, Q1 Labs, RSA Envision; Network Firewall, Web Proxy, E-Mail and Web Gateway, etc., to include: Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva.
- Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis.
- Experience with SIEM content creation and reporting.
- Excellent time management, reporting, and communication skills.
- Superior IT problem-solving skills.
- Experience with Linux and Windows OS.
- Shift flexibility, including the ability to provide on call support when needed
- Demonstrated experience and success in a Security Operations environment
- Experience working with Ticketing and Knowledge Base Systems for Incident and Problem tracking as well as procedures. (i.e. Jira, Confluence, etc.).
- General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, or other security certifications).
- Knowledge of Linux and Windows Operating Systems.
- An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
- Experience with various SIEM security products such as: ArcSight, QRadar, Nitro, Splunk, LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
- CCNA, CCDA, CCSA, CCIE, CISSP, CEH, or MCSE.
- Familiarity with DevOps
- Prior consulting experience.