Description:
The Threat, Detection and Response organization is looking to hire a senior security engineer. This role will report to the Senior Manager of Detection Engineering and Threat Intelligence. This role will be a hybrid of responsivities. Part of this role will support a major security program which will require partnering with product security developers to build reporting around product benchmarks; this role will be the priority until the program stabilizes. The other part will consist of supporting our Detection Engineering team developing our security detection content. While the set of skills needed will be broad, this will be an opportunity to work with a wide range of teams focused on core issues for the company.
What you get to do in this role:
- Ensure service delivery of a major security program’s metrics to key stakeholders.
- Work directly with product security, vulnerability management, big data team, and Red Teams on improvements to a major security program.
- Summarize platform security issue aggregation for executive leadership.
- Apply data mining & analysis techniques to provide insight into threat intelligence, detection engineering, and security operations data.
- Work with ServiceNow developers and administrative teams to automate team metrics and program key performance indicators.
- Collaborate with other detection engineers and incident responders on new detections or optimize current detections.
Qualifications
- Experience with product/application security principles with background in software development or security engineering.
- At least 3 years of experience of writing advanced power user queries in Splunk including creating field extractions with regex.
- Ability to summarize verbally and in writing technical content.
- Experience creating technical reports for executive leadership.
- High degree of interpersonal skills will be required given this role will interact with many teams.
- Development/programming skills with one or more major programming languages.
- Familiarity with big data technologies: Hadoop, notebooks, SQL statements, visualizations.
- High level understanding of security operations and SIEM technologies.