Security Automation Engineer

The Company:  Aflac Incorporated
The Location:  Remote, US; Columbus, GA, US, 31999

The Division:  Global Security
Job Id:  3137

Job Summary

Build and help advance SOAR capabilities within Global Security. This includes advancing security operations capabilities, technologies and processes through automation and integration of threat detection, response and remediation. This role will collaborate heavily with Global Security teams to ensure that incremental capabilities are delivered. These deliverables will include end-to-end process and task automation for the SOC and Security Administration. Operating models will need to be defined and documented after performing discovery within Global Security to ensure automation as a service is successful. The Security Automation Engineer will also assist in managing the SOAR vendor relationship and any other vendor relationships to ensure proper use cases are established and are accompanied by corresponding automation playbooks.

 

Principal Duties & Responsibilities

• Assist the team lead in Global Security Operations SOAR growth and maturity, actively improving our security monitoring and incident response capabilities.
• Implementation, development and maintenance of the SOAR platform.
• Collaborate with Global Security teams to identify automation opportunities, create workflows and deliver fully tested automations that lead to efficiency gains.
• Work with security teams to identify and implement monitoring use cases, incident response procedures, playbooks and other technical documentation.
• Provides ongoing engineering support for automation platform(s).
• Participate in Post Incident Reviews and contribute to process improvement when new requirements are identified.
• Act as subject matter expert in multiple security technologies and processes.
• Performs other related duties as required.

Education & Experience Required

  • Bachelor's Degree in Computer Science, Information Systems, Cyber Security or other related field
  • Five or more years of IT Security analyst/engineer experience
  • Advanced working knowledge of Security Operations and/or Engineering, including monitoring, incident response and engineering security solutions
  • Vendor management experience, including establishing SLA/SLO levels and ensuring they are met
  • Experience in identifying the enterprise threat landscape as well as the anatomy and methodology of cyber-attacks
  • Experience interfacing with peer support teams (Security Engineering, Operations, Threat Intel, Access Management, Legal, Governance, etc.)
  • Familiarity with enterprise-level information security best practices and security frameworks (e.g., Acceptable Use Policies)

Or an equivalent combination of education and experience

 

Job Knowledge & Skills

• Experience with scripting languages such as Python, PowerShell and JavaScript
• Knowledge of web services such as APIs and REST
• Experience with development in a SOAR platform
• Experience with Git or other version control systems
• Hands-on technical experience with commercial SIEM products, which should include defining and writing alert queries in addition to daily use for security investigations
• Technical certifications such as GCIH, GCFA, CISSP are a plus
• Familiarity with the following technologies:
  • SIEM
  • Active Directory
  • Firewalls
  • Network Protocols
  • IDS/IPS
  • Pcaps
  • Email monitoring technologies
  • VPN and Cloud technology
  • Open Source security tools
  • Forensic tools
• Proficiency in using Microsoft products
• Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols
• Familiarity with Windows and Linux command line environments
• Excellent interpersonal and communication skills, written and verbal, including the ability to interact with a diverse group of individuals with varied levels of understanding and authority within customer institutions
• Knowledge associated with a Case Management system

 

Competencies

  • Acting with Integrity
  • Communicating Effectively
  • Pursuing Self-Development
  • Serving Customers
  • Supporting Change
  • Supporting Organizational Goals
  • Working with Diverse Populations


Nearest Major Market: Eugene