Automation Engineer - Cyber Security Operations
About The Position
Automation Engineer - Cyber Security Operations Overview When our square shaped burgers made their first sizzle on the scene more than 50 years ago, people knew our approach wasn’t like any other. Same goes for the way we support our employees. Our culture of openness, flexibility, and inclusiveness allows everybody to flourish in their own way. If you’re looking for a career where you can be part of the action as we continue to grow our iconic brand – We got you! Duties include identifying, defining, configuring, executing and maintaining automation scripts and tools in support of the brand’s information security initiatives. The ideal candidate will have experience with common scripting languages such as Python, PowerShell, Bash, etc. The ideal candidate will be familiar with Security Orchestration Automation and Response Tools such as MSFT Sentinel, Entra ID, Defender, etc. Experience writing information security playbooks is ideal. The candidate will play a major role in our cyber threat hunt automation efforts, including the vetting of new models and procedures to identify and react to anomalous network and/or endpoint behaviors. Regular collaboration with multiple teams such as Endpoint Security and Threat & Vulnerability Management as well as Security Operations peers will be critical to success.
Requirements
- Experience automating security functions with a scripting language such as Python, Powershell, etc.
- Experience with a Security Orchestration Automation and Response tool such as MSFT Sentinel, Entra ID, Defender, etc.
- Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices.
- Experience with host-based and/or network-based forensics tools and techniques.
- A curious mindset with attention to detail.
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux.
- Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports and assisting with intelligence reports.
- Advanced problem-solving skills, ability to develop effective long-term solutions to complex problems.
- At least one certification within the Information Security, Information Assurance or Cybersecurity field such as GIAC, OWASP, ISC2, or similar.
- Threat Hunting Experience.
- Regular Expression (regex) experience.
Nice To Haves
- Experience writing information security playbooks is ideal.
Responsibilities
- Creates automation playbooks in coordination with organization peers to reduce the number of tedious/manual tasks (freeing up time for other information security tasks).
- Administration, configuration, maintenance, and support of the MSFT Sentinel environment.
- Creation, evaluation, updating, and maintenance of Information Security Incident Management Playbooks.
- Participates in security incident response efforts by, among other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures.
- Investigation of Cyber Security threats.
- Identifies, creates, and maintains opportunities for threat intelligence automation.
Benefits
- parental leave
- free EAP sessions
- company 401k match
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
