Overview:
Reporting directly to Security Engineering Management and under the general supervision of Information Security Office Leadership, this role will be responsible for building, maintaining, and leading a secure development & engineering lifecycle, with continuous improvement to meet evolving security and compliance requirements, including:
- Design, build, deploy and maintain security automation and orchestration tools
- Create and maintain security tool documentation
- Collaborate with operations & product teams to design and deploy security tools
Responsibilities:
- Provides quality internal and external customer service aligning with Company values.
- Design and implement threat analysis technologies including supporting the organization in implementation of our ADAPT (Elastic) platform for detection and response of security threats and malicious cyber activity.
- Support Security Architecture Leadership in advancing our ADAPT platform through network and system event log parsing and anomaly detection, enabling automated responses and scripted actions in mitigating threats.
- Evaluate new security technologies and products for internal use.
- Lead the software development lifecycle for the Tierpoint information security office.
- Other duties as assigned.
Qualifications:
- Strong understanding of APIs, Automation, and System Integration strategies.
- Experience with Python, PowerShell, Bash Scripting, PHP, JSON, and development tools.
- Experience with MySQL, MSSQL, and NoSQL Database Administration.
- Experience with Git.
- Experience with the enrichment of data.
- Functional familiarity with Cloud, Virtualization, and Container technologies.
- Basic understanding of CI/CD pipelines.
-and-
1 of the following:
- Bachelor's in technical field
- 1+ years of related experience preferably within the information technology or managed services provider industry
- Industry certifications such as CISSP, GOSI, GWEB, GCSA…
-or-
2 of the following:
- Bachelor's degree from an accredited institution in a technical field
- 1+ years of industry experience
- Industry certificates such as CySA+, CEH, GSEC
Preferred Experience
Experience with the following security technologies:
- Python/Bash/PowerShell
- MySQL/MSSQL/MongoDB/PostgreSQL
- SIEM/SOAR/XDR
- Elasticsearch/Logstash/Beats
- Splunk/Graylog/Loginsight
- Docker/K8s
- Threat Feeds
Experience with the following technical concepts:
- Experience with Data Science and/or Data Analysis methodologies and direct application to data intelligence projects.
- Fundamental understanding of neural networks, machine learning and AI
- Software Development Life Cycle (SDLC) management and secure development
- Security Automation
- Defense in depth/Zero Trust
- Compliance requirements (NIST/PCI/HIPAA/etc.)
Experience with the following administrative concepts:
- Agile/project management
- Documentation/Learning management
- Process management
Working Condition Requirements
- Office environment
- Ability to prioritize and organize effectively
- Ability to work on multiple projects simultaneously
- Ability to work both independently and with others
- Ability to operate in a fast-moving, team-oriented, collaborative environment with tight deadlines