IT Sr. Security Specialist
About NCR Corporation
NCR Corporation (NYSE: NCR) is the global leader in consumer transaction technologies, turning everyday interactions with businesses into exceptional experiences. With its software, hardware, and portfolio of services, NCR enables nearly 700 million transactions daily across retail, financial, travel, hospitality, telecom and technology, and small business. NCR solutions run the everyday transactions that make your life easier. NCR is headquartered in Atlanta, Georgia, with approximately 29,000 employees and does business in 180 countries.
Position Summary & Key Areas of Responsibility:
The IT Sr Security Specialist shall be responsible for the day-to-day activities required to manage multiple Detection products and administer system policies, repairs, and deployments and address any problem tickets. Working in a collaborative team environment, the specialist will work with stakeholders both internal and external teams to protect and defend NCR from malicious activity. The IT Sr Security specialist shall work with key team members to ensure measures are in place to protect the Confidentiality, Integrity and Availability (CIA) of the environment using multiple protection products.
The IT Sr Security Specialist will work with stakeholders and assist with improving Security Posture that are aligned with the mission of the office of the CISO and will report to the Team Leader of Threat Protection. The IT Sr Security Specialist is expected to contribute to weekly status calls, trouble tickets, working off hours, and produce ad hoc requests as part of this position and will work to resolve or engage appropriate stakeholder’s/team members to remedy the request.
Responsibilities of the IT Sr Security Specialist
IT Sr Security Specialist will work as SIEM & UBA specialist and would be a member of NCR SIEM Team and responsible for
- Validate, generate report and resolve logging inactivity by notifying and working Point of contact
- Discover and remediate logging inconsistencies (SIEM) such as Inconsistent timestamp, Inconsistent log levels etc.
- Manage, Configure and cleanup Syslog relay configuration
- Act as point to validate logs are received on relay
- Setup applicable mutual authentication with TLS 1.2 between data sources and relays
- Capture log samples
- Validate in scope logs contain the required fields to build parsers in SIEM/UBA
- Validate relay configuration that SIEM and UBA are receiving messages
- Review existing correlation rule and recommend updates if required
- Recommend new correlation rules
- Assist in creating custom parsers
- 3 - 5 years working in the Security Logging and Monitoring space
- 2 -4 years of SIEM administration experience
- Network security monitoring experience
- Knowledge of various log formats from: network infrastructure, server, web applications, databases, etc.
- Knowledge of Syslog Relay and Windows Event Forwarder
- Knowledge of VPNs, firewalls, routing/switching, databases, web applications, etc.
- Linux and Windows System administration experience
- Scripting languages such as Python, PowerShell etc.
- McAfee SIEM administration experience
- Knowledge of how McAfee SIEM parses, aggregates, normalizes, correlates, and alerts
- Syslog NG Relay and/or WEF
Integrated into our shared values is NCR's commitment to diversity. NCR is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. This concept encompasses but is not limited to human differences with regard to race, ethnicity, religion, gender, culture and physical ability. Every individual at NCR has an ongoing responsibility to respect and support a globally diverse environment.
Statement to Third Party Agencies
To ALL recruitment agencies: NCR only accepts resumes from agencies on the NCR preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR employees, or any NCR facility. NCR is not responsible for any fees or charges associated with unsolicited resumes.