SecDevOps Developer

Job Description

Essential Responsibilities:

• Automate information security event triage and response via SOAR (Security Orchestration and Automated Response) platform development.
• Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
• Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
• Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.
• Administer test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s).
• Create, edit, and manage specialized cyber defense systems (e.g., intrusion prevention systems and phishing detection platforms).
• Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
• Develop content for cyber defense tools.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Perform cyber defense trend analysis and reporting.
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

Qualifications/Requirements:

• Any Bachelors in a technical field.
• A minimum of 3 - 5 years of experience in Information Technology, Cyber Security, Information Assurance, or a related field
• Proficient in Python programming language and able to demonstrate fluency.
• Splunk Certified User and able to demonstrate fluency in SPL.
• Recent experience in an enterprise Splunk environment
• Able to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Able to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
• Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Able to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Able to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Able to function effectively in a dynamic, fast-paced environment.
• For Internal Applicants: Understand the criteria or mandatory skills required for the role, before applying.
• Inform your Manager or HRM before applying for any role on Workday.
• Ensure that your Professional Profile is updated (fields such as Education, Prior experience, Other skills) and it is mandatory to upload your updated resume (Word or PDF format)
• Must not be any corrective action plan (First Formal/Final Formal, PIP)
• Employees who have completed 18 months in organization and 12 months in current role and level are only eligible.
• Last annual performance rating should at least be Strong Contributor / Critical talent.

Desired Characteristics:

• Proficient in Python programming language.
• Splunk user certification or demonstrate fluency in SPL (Splunk programming language)
• Agile Experience
• Experience deploying and managing NIDS signatures
• Prior SOC, Intel, CIRT, or relevant infosec experience
• Results driven, strategic, conceptual, and innovative thinker
• Excellent consulting skills and superior ability to develop and maintain effective client relationships
• Ability to work independently as well as part of a team
• Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems
• Expertise to clearly define complex issues despite incomplete or ambiguous information
• Strong oral and written communications skills
• Strong interpersonal and critical thinking skills

Grade/Level: 08Job Family Group:Information Technology,

Keyskills :
phpassuranceautomatedsplunkenvironmentsplideaslanguagejavajavascripteducationagileactionmationsecurityaspnet