This listing was posted on Professional Diversity Network.
Security Engineer II: Detection Engineer
Location:
San Antonio, TX
Description:
ResponsibilitiesOur Partners thrive The H-E-B Way . As a Security Engineer II: Detection Engineer you would have a... HEART FOR PEOPLE ... you have a passion for mentorship and guidance, and love for the direct person-to-person interactions that create strong bonds between teams HEAD FOR BUSINESS ... you have an ownership mentality and a consistent track record of timely delivery of high-quality software PASSION FOR RESULTS ... the ability to guide the discussion, remove roadblocks, and provide guardrails for your team as they identify challenges and propose solutions.This position is responsible for developing content and maintaining the reports, alerts, correlation, and triggers for security tool sets, based on data and feedback supplied by Digital Security Operations Center (DSOC) analysts. A deep understanding of security tools is required.When a DSOC senior analyst requires a piece of information, the system administrator will collaborate with a security engineer to perform the integration, collection, or configuration to receive those pieces of data. This role supports Cyber Fusion Center threat management, Digital Foundational Technology operations, CFC DSOC incident response & DSOC detection engineering efforts. ROLE Analyzes and investigates security alerts and helps tune and improve notables. Integrates SIEM with upstream data sources by automating data ingestion. Manages large data sets including creating and organizing indexes. Completes projects and tasks associated with security monitoring, detection, incident response, and security program initiatives. Develops and documents standard operating procedures and best practices. As a part of the Cyber Fusion Center, Threat Management & Security Engineering, this position will coordinate with other CFC DSOC team members as well as Digital Foundational Tech (infrastructure) teams to create system connections to collect logs and implement data correlations, & lookup tables. Develop and implement customized alert and reporting based on DSOC analysts' requests Perform or lead orchestration and automation activities (SOAR) to integrate security tools that support DSOC processes. Support log aggregation and log retention activities, developing custom solutions when necessary Support analytics, tuning, and maintenance of endpoint and network security sensors Work closely with other DSOC team members, threat Intelligence analysts or providers, and other Digital Security teams to improve security platforms or tools for consumers of security operations and investigations REQUIRED Minimum of two (2+) years of administrating networked environments, development and support experience with SIEM platforms in medium to large enterprises. Understanding of security issues and technologies for desktop, virtual, cloud services, and network infrastructures. Must have in-depth knowledge of operating systems and IT infrastructure, while possessing a detailed technical understanding of log collection, security technologies, firewall rules, computer privileges, and databases. Basic operating system administration, knowledge of common network protocols, and overall familiarity with scripting are necessary skills to improve automation and efficiency. Experience in IT systems and security policies, standards, industry trends, and techniques. Experience working with hybrid cloud infrastructure. Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling). Working knowledge of Python, Golang, JavaScript, PowerShell, Perl, or *nix Shell scripting (multiple). Experience with published standards, guidance, and frameworks related to information security architecture, information security controls, and practical implementation techniques in an enterprise. Fundamental understanding of data and secrets security, system administration, vulnerability management, secrets management and vaulting, and platform/OS security. Demonstrate high level of communication skills, both verbal and written with collaborative mindset Demonstrate a logical and structured approach to time management and task prioritization. Familiarity with Agile and other project management methodologies. Ability to work well under pressure and have great organizational and interpersonal skills. Recommended A Bachelor's degree in Computer Science or Software Engineering. One or more professional security certifications such as Certified Splunk Administrator, CISSP, OSCP, OSCE, GCIH, CASP, AWS Security, or equivalent. Three (3) or more years experience in Information Security, IT Risk Management or IT Compliance. Familiarity with PCI DSS, HIPAA, and other industry regulations Experience working with Splunk Enterprise Security. PERKS? A robust Benefits plan with coverage starting Day One Dental, vision, life, and other insurance plans; flexible spending accounts; short term / long term disability coverage Partner Care Team, for any time you have healthcare or coverage questions Telehealth offers 24/7 access to board-certified doctors by phone Partner Guidance allows free counselor visits Funeral leave, jury duty, and military pay (subject to applicable law) Maternal / paternal leave for new parents, including adoptions 10% off H-E-B brand products in-store and online Eligibility to participate in 401(k) ISSEC3232Our Partners thriveThe H-E-B Way. As aSecurity Engineer II: Detection Engineer you would have a... HEART FOR PEOPLE... you have a passion for mentorship and guidance, and love for the direct person-to-person interactions that create strong bonds between teams HEAD FOR BUSINESS... you have an ownership mentality and a consistent track record of timely delivery of high-quality software PASSION FOR RESULTS... the ability to guide the discussion, remove roadblocks, and provide guardrails for your team as they identify challenges and propose solutions. This position is responsible for developing content and maintaining the reports, alerts, correlation, and triggers for security tool sets, based on data and feedback supplied by Digital Security Operations Center (DSOC) analysts. A deep understanding of security tools is required. When a DSOC senior analyst requires a piece of information, the system administrator will collaborate with a security engineer to perform the integration, collection, or configuration to receive those pieces of data. This role supports Cyber Fusion Center threat management, Digital Foundational Technology operations, CFC DSOC incident response & DSOC detection engineering efforts. ROLE - Analyzes and investigates security alerts and helps tune and improve notables. - Integrates SIEM with upstream data sources by automating data ingestion. - Manages large data sets including creating and organizing indexes. - Completes projects and tasks associated with security monitoring, detection, incident response, and security program initiatives. - Develops and documents standard operating procedures and best practices. - - As a part of the Cyber Fusion Center, Threat Management & Security Engineering, this position will coordinate with other CFC DSOC team members as well as Digital Foundational Tech (infrastructure) teams to create system connections to collect logs and implement data correlations, & lookup tables. - Develop and implement customized alert and reporting based on DSOC analysts' requests - Perform or lead orchestration and automation activities (SOAR) to integrate security tools that support DSOC processes. - Support log aggregation and log retention activities, developing custom solutions when necessary - Support analytics, tuning, and maintenance of endpoint and network security sensors - Work closely with other DSOC team members, threat Intelligence analysts or providers, and other Digital Security teams to improve security platforms or tools for consumers of security operations and investigations REQUIRED - Minimum of two (2+) years of administrating networked environments, development and support experience with SIEM platforms in medium to large enterprises. - Understanding of security issues and technologies for desktop, virtual, cloud services, and network infrastructures. - Must have in-depth knowledge of operating systems and IT infrastructure, while possessing a detailed technical understanding of log collection, security technologies, firewall rules, computer privileges, and databases. Basic operating system administration, knowledge of common network protocols, and overall familiarity with scripting are necessary skills to improve automation and efficiency. - Experience in IT systems and security policies, standards, industry trends, and techniques. - Experience working with hybrid cloud infrastructure. - Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling). - Working knowledge of Python, Golang, JavaScript, PowerShell, Perl, or *nix Shell scripting (multiple). - Experience with published standards, guidance, and frameworks related to information security architecture, information security controls, and practical implementation techniques in an enterprise. - Fundamental understanding of data and secrets security, system administration, vulnerability management, secrets management and vaulting, and platform/OS security. - Demonstrate high level of communication skills, both verbal and written with collaborative mindset - Demonstrate a logical and structured approach to time management and task prioritization. - Familiarity with Agile and other project management methodologies. - Ability to work well under pressure and have great organizational and interpersonal skills. Recommended - A Bachelor's degree in Computer Science or Software Engineering. - One or more professional security certifications such as Certified Splunk Administrator, CISSP, OSCP, OSCE, GCIH, CASP, AWS Security, or equivalent. - Three (3) or more years experience in Information Security, IT Risk Management or IT Compliance. - Familiarity with PCI DSS, HIPAA, and other industry regulations - Experience working with Splunk Enterprise Security. PERKS? - A robust Benefits plan with coverage starting Day One - Dental, vision, life, and other insurance plans; flexible spending accounts; short term / long term disability coverage - Partner Care Team, for any time you have healthcare or coverage questions - Telehealth offers 24/7 access to board-certified doctors by phone - Partner Guidance allows free counselor visits - Funeral leave, jury duty, and military pay (subject to applicable law) - Maternal / paternal leave for new parents, including adoptions - 10% off H-E-B brand products in-store and online - Eligibility to participate in 401(k) ISSEC3232
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to Professional Diversity Network
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: Security Engineer II: Detection Engineer
Security Engineer II: Detection Engineer is a Engineering Engineer Job at H-E-B Grocery Stores located in San Antonio TX. Find other listings like Security Engineer II: Detection Engineer by searching Oodle for Engineering Engineer Jobs.
Security Engineer II: Detection Engineer is a Engineering Engineer Job at H-E-B Grocery Stores located in San Antonio TX. Find other listings like Security Engineer II: Detection Engineer by searching Oodle for Engineering Engineer Jobs.