Security Engineer - Scripting and Automations (Remote)
Security Engineer - Scripting and Automations (Remote)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Reporting to the Threat Detection Manager the Security Engineer will work with the our teams including cyber threat intelligence analysts SOC analysts threat detection engineers server and network administrators security tool administrators and department customers. You will have information security experience in incident response and understanding of security log feeds mapping the data into the SIEM.
You will:
- Understand data feeds of multiple security tools and logs that feed the SIEM & UEBA technologies. Identify capabilities and quality of these feeds and recommend improvements
- Create new content use cases based on threat intelligence analyst feedback available log data and previous incidents
- Perform daily activities of the content life cycle including creating new use cases testing content; tuning and removing content; and maintain associated documentation
- Improve vulnerabilities in the different application environments
- Work with the other security teams and product SMEs to identify gaps within the existing capability
- Develop parsers/field extractions to facilitate reliable content development
- Develop custom scripts to enhance default SIEM functionality
- Participate in root cause analysis on security incidents and provide recommendations for new data sources and enrichment
Qualifications :
Qualifications:
- 5 years experience in security engineering or site reliability engineering
- Excellent Terraform skills required and experience with Cloud Migration
- Experience working with and developing CI/CD pipelines for Infrastructure as Code required
- Knowledge of programming/scripting fundamentals (python/golang) required
- Expertise in performing ETL onboarding for diverse log feed technologies required
- Experience supporting a Splunk platform administration new content dashboards applications and use cases
- Hands-on experience developing Rest APIs to capture data from external sources
- Experience with Agile methodologies
- Understanding of multiple log formats and source data for SIEM Analysis
- Solid background with Windows and Linux platforms (security or system administration)
Benefits/Perks:
- This role is remote from within the US
- Great compensation package and bonus plan
- Core benefits including medical dental vision and matching 401K
- Flexible work environment ability to work remote hybrid or in-office
- Flexible time off including volunteer time off vacation sick and 12-paid holidays
Additional Information :
Our uniqueness is that we celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI work/life balance development authenticity engagement collaboration wellness reward & recognition volunteering... the list goes on. Experians people first approach is award-winning; Great Place to Work in 24 countries FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars) to name a few. Check out Experian Life on social or our Careers Site to understand why.
Experian is proud to be an equal opportunity and Affirmative Action employer. Innovation is a critical part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their race color religion sex age sexual orientation gender identity national origin disability or status as a protected veteran. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.
All your information will be kept confidential according to EEO guidelines.
Remote Work :
Yes
Employment Type :
Full-time
Employment Type
Remote
