Automation Engineer - Cyber Security Operations
About The Position
This role involves identifying, defining, configuring, executing, and maintaining automation scripts and tools to support the brand's information security initiatives. The ideal candidate will possess experience with common scripting languages like Python, PowerShell, and Bash, and be familiar with Security Orchestration Automation and Response (SOAR) tools such as Microsoft Sentinel, Entra ID, and Defender. Experience in writing information security playbooks is highly desirable. The candidate will be instrumental in our cyber threat hunt automation efforts, including vetting new models and procedures to detect and respond to anomalous network and/or endpoint behaviors. Close collaboration with teams such as Endpoint Security, Threat & Vulnerability Management, and Security Operations peers is essential for success.
Requirements
- Experience automating security functions with a scripting language such as Python, Powershell, etc.
- Experience with a Security Orchestration Automation and Response tool such as MSFT Sentinel, Entra ID, Defender, etc.
- Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices.
- Experience with host-based and/or network-based forensics tools and techniques.
- A curious mindset with attention to detail.
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux.
- Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports and assisting with intelligence reports.
- Advanced problem-solving skills, ability to develop effective long-term solutions to complex problems.
- At least one certification within the Information Security, Information Assurance or Cybersecurity field such as GIAC, OWASP, ISC2, or similar.
- Threat Hunting Experience.
- Regular Expression (regex) experience.
Nice To Haves
- Experience writing information security playbooks is ideal.
Responsibilities
- Creates automation playbooks in coordination with organization peers to reduce the number of tedious/manual tasks (freeing up time for other information security tasks).
- Administration, configuration, maintenance, and support of the MSFT Sentinel environment.
- Creation, evaluation, updating, and maintenance of Information Security Incident Management Playbooks.
- Participates in security incident response efforts by, among other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures.
- Investigation of Cyber Security threats.
- Identifies, creates, and maintains opportunities for threat intelligence automation.
Benefits
- parental leave
- free EAP sessions
- company 401k match
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
