Security Engineer II: Detection Engineer
Company: H-E-B
Location: San Antonio
Posted on: May 8, 2024
Job Description:
Responsibilities

Our Partners thrive The H-E-B Way. As a Security Engineer II: Detection Engineer you would have:

- HEART FOR PEOPLE: a passion for mentorship and guidance, and a love for the direct person-to-person interactions that create strong bonds between teams
- HEAD FOR BUSINESS: an ownership mentality and a consistent track record of timely delivery of high-quality software
- PASSION FOR RESULTS: the ability to guide the discussion, remove roadblocks, and provide guardrails for your team as they identify challenges and propose solutions

This position is responsible for developing content and maintaining the reports, alerts, correlations, and triggers for security tool sets, based on data and feedback supplied by Digital Security Operations Center (DSOC) analysts. A deep understanding of security tools is required. When a DSOC senior analyst requires a piece of information, the system administrator will collaborate with a security engineer to perform the integration, collection, or configuration needed to receive that data. This role supports Cyber Fusion Center (CFC) threat management, Digital Foundational Technology operations, CFC DSOC incident response, and DSOC detection engineering efforts.

ROLE

- Analyzes and investigates security alerts and helps tune and improve notables.
- Integrates the SIEM with upstream data sources by automating data ingestion.
- Manages large data sets, including creating and organizing indexes.
- Completes projects and tasks associated with security monitoring, detection, incident response, and security program initiatives.
- Develops and documents standard operating procedures and best practices.
- As part of the Cyber Fusion Center, Threat Management & Security Engineering, coordinates with other CFC DSOC team members as well as Digital Foundational Tech (infrastructure) teams to create system connections to collect logs and implement data correlations and lookup tables.
- Develops and implements customized alerting and reporting based on DSOC analysts' requests.
- Performs or leads orchestration and automation activities (SOAR) to integrate security tools that support DSOC processes.
- Supports log aggregation and log retention activities, developing custom solutions when necessary.
- Supports analytics, tuning, and maintenance of endpoint and network security sensors.
- Works closely with other DSOC team members, threat intelligence analysts or providers, and other Digital Security teams to improve security platforms or tools for consumers of security operations and investigations.

REQUIRED

- Minimum of two (2+) years of administering networked environments, with development and support experience on SIEM platforms in medium to large enterprises.
- Understanding of security issues and technologies for desktop, virtual, cloud services, and network infrastructures.
- In-depth knowledge of operating systems and IT infrastructure, with a detailed technical understanding of log collection, security technologies, firewall rules, computer privileges, and databases.
- Basic operating system administration, knowledge of common network protocols, and overall familiarity with scripting, as needed to improve automation and efficiency.
- Experience with IT systems and security policies, standards, industry trends, and techniques.
- Experience working with hybrid cloud infrastructure.
- Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
- Working knowledge of more than one of: Python, Golang, JavaScript, PowerShell, Perl, or *nix shell scripting.
- Experience with published standards, guidance, and frameworks related to information security architecture, information security controls, and practical implementation techniques in an enterprise.
- Fundamental understanding of data and secrets security, system administration, vulnerability management, secrets management and vaulting, and platform/OS security.
- Demonstrated high level of verbal and written communication skills, with a collaborative mindset.
- Demonstrated logical and structured approach to time management and task prioritization.
- Familiarity with Agile and other project management methodologies.
- Ability to work well under pressure, with great organizational and interpersonal skills.

Recommended

- A Bachelor's degree in Computer Science or Software Engineering.
- One or more professional security certifications such as Certified Splunk Administrator, CISSP, OSCP, OSCE, GCIH, CASP, AWS Security, or equivalent.
- Three (3) or more years of experience in Information Security, IT Risk Management, or IT Compliance.
- Familiarity with PCI DSS, HIPAA, and other industry regulations.
- Experience working with Splunk Enterprise Security.

PERKS?

- A robust Benefits plan with coverage starting Day One
- Dental, vision, life, and other insurance plans; flexible spending accounts; short term / long term disability coverage
- Partner Care Team, for any time you have healthcare or coverage questions
- Telehealth offers 24/7 access to board-certified doctors by phone
- Partner Guidance allows free counselor visits
- Funeral leave, jury duty, and military pay (subject to applicable law)
- Maternal / paternal leave for new parents, including adoptions
- 10% off H-E-B brand products in-store and online
- Eligibility to participate in 401(k)

ISSEC3232