
Security Architect Google Chronicle
Role: Security Architect Google Chronicle
Location: Issaquah, WA
Duration: Long Term Project
Experience: 14+
Client: Capgemini/End client
Job Description:
o Lead the architecture and design of Google Chronicle SIEM and SOAR solutions to meet the security needs of the organization.
o Collaborate with stakeholders to define requirements and ensure alignment with business objectives.
o Design integration strategies with existing security tools, applications, and data sources.
• Implementation:
o Lead the deployment and configuration of Google Chronicle SIEM and SOAR environments.
o Develop and implement data ingestion pipelines, ensuring the effective collection and correlation of security events.
o Implement use cases, detection rules, and response playbooks based on organizational security requirements.
• Support and Maintenance:
o Provide ongoing support for the Google Chronicle SIEM and SOAR environments, including troubleshooting, tuning, and optimization.
o Monitor and maintain the health and performance of the systems, ensuring high availability and reliability.
o Collaborate with security teams to continuously improve detection and response capabilities.
• Automation and Integration:
o Develop automation scripts and workflows to streamline security operations and incident response.
o Integrate Google Chronicle with other security tools (e.g., EDR, firewalls, threat intelligence platforms) to enhance threat detection and response.
• Training and Documentation:
o Create and maintain comprehensive documentation of the architecture, configurations, and processes.
o Provide training and knowledge transfer to internal teams on the use and administration of the SIEM and SOAR environments.
Qualifications:
• Experience:
o 5+ years of experience in security architecture, engineering, or operations.
o Extensive hands-on experience with Google Chronicle SIEM and SOAR platforms.
o Proven experience in designing and implementing large-scale SIEM and SOAR solutions.
o Experience with scripting languages (e.g., Python) for automation purposes.
• Technical Skills:
o Strong understanding of security concepts, threat intelligence, incident response, and security operations.
o Develop parsers for log integration within Google Chronicle.
o Proficiency with security technologies and frameworks (e.g., SIEM, SOAR, EDR, IDS/IPS, firewalls).
o Familiarity with cloud environments (e.g., GCP, AWS, Azure) and cloud security best practices.
o Knowledge of data normalization, correlation, and threat detection techniques.
• Soft Skills:
o Strong problem-solving skills and ability to work independently as well as part of a team.
o Excellent communication skills, both verbal and written, with the ability to convey complex technical information to non-technical stakeholders.
o Ability to work in a fast-paced environment and manage multiple priorities.
Certifications:
• Relevant certifications such as Google Cloud Professional Security Engineer, GIAC Security Expert (GSE), CISSP, or equivalent are a plus.
To apply for this job, email your details to shahid.m@wonese.com