SecDevOps Developer (L 09)

Job Description

The SecDevOps Developer is responsible for creating and maintaining detection and automation content aiding in reduction of cyber risk through increasing organizational efficiency in identification of threats. The team-member will partner with members of cyber operations, information security and the larger business to identify detection and automation use-cases that they will then aid in designing and implementing. A strong knowledge of cyber detection concepts/strategies, security tools, code development pipelines and programming languages is required, as are essential talents of critical thinking and problem solving and a customer-first attitude.Essential Responsibilities:

• Utilize intelligence driven cyber-attack models and strategies to identify threats and mitigate related behaviors through use of detection/prevention security controls.
• Identify and collaborate on creation of custom cyber detection and automation use cases reducing risk and increasing cyber operations efficiency.
• Coordinate with Information Security teammates to manage and optimize detection content and alerting logic for key systems including security information and event management (SIEM), intrusion detection/prevention (IDS/IPS), Next Generation AV (NGAV), Endpoint Detection and Response (EDR), User Entity and Behavior Analytics (UEBA) platform amongst other core security tools.
• Assist in creation and implementation of security automation use cases via use of a security orchestration automation and response (SOAR) platform
• Administer test bed(s), and test and validate functionality of security tools as well as rules/signatures, alerting logic and automations
• Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization) and conducting tuning to reduce unnecessarily voluminous alerts and false positives.
• Perform cyber defense trend analysis and reporting based on detections and alerting logic.

Qualifications/Requirements:

• Bachelor s degree and minimum of 5 years of Information Security or Intelligence experience
• Demonstrated competence with Splunk programming language (SPL) and Python, and with creation of custom detection signatures used in modern NGAV/EDR and IDS/IPS systems
• Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Able to function effectively in a dynamic, fast-paced environment.
• Flexible to work in EST hours
• For Internal Applicants: Understand the criteria or mandatory skills required for the role, before applying.
• Inform your Manager or HRM before applying for any role on Workday.
• Ensure that your Professional Profile is updated (fields such as Education, Prior experience, Other skills) and it is mandatory to upload your updated resume (Word or PDF format)
• Must not be any corrective action plan (First Formal/Final Formal, PIP)
• Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.
• 8 Level employees can apply

Desired Characteristics:

• Applicable Information Security professional certifications (e.g., SANS, ISC2) and tool specific certifications
• Agile and code development Experience
• Prior SOC, cyber intelligence, or incident response experience
• Ability to work independently as well as part of a team
• Understanding of data models and machine learning as applicable to security detection and behavior analytics
• Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems
• Expertise to clearly define complex issues despite incomplete or ambiguous information
• Strong oral and written communications skills
• Strong interpersonal and critical thinking skills

Grade/Level: 09Job Family Group:Information Technology,

Keyskills :
security informationevent managementuse casesdata modelskey systemscyber defensetrend analysissecurity toolsproblem solvingevent managementmachine learning