Description of Position:
The role of every Information Security team member is to support the overarching values and business goals of our client as they relate to meeting legal, ethical and regulatory obligations; protecting members’ and employees’ privacy; and maintaining a secure technology environment for our operations. The Security Orchestration and Automation Developer provides developer support to improve the quality and speed of security work through orchestration and automation; develops and leverages SIEM; supports operational excellence throughout the SDLC; and collaborates with the different security teams to deliver enterprise-wide solutions.
Tasks and Responsibilities:
- Designs, builds, and maintains efficient, reusable and reliable code for security operations, including Python and PowerShell, and the Kusto and Splunk SPL query languages.
- Provides subject matter expertise for Splunk SPL query writing, dashboard creation, and alert configuration.
- Reviews build results, debugs and optimizes complex code deployments, and resolves technical issues throughout all stages of the SDLC.
- Develops and maintains a software artifact deployment environment with associated release documentation.
- Participates in code review sessions.
- Performs data ingest, ensuring appropriate source typing and data quality while utilizing add-ons and the CIM.
- Maintains current knowledge of industry trends and standards related to his/her area of focus. This will be accomplished through ongoing formal and informal training and reading industry information.
- Regular and reliable workplace attendance at your assigned location.
Required Skills, Abilities, & Certifications:
- A Bachelor’s degree in Computer Science or a minimum of 2 years of information security experience.
- Python experience is required.
- Experience with Splunk.
- Strong knowledge of object-oriented concepts.
- Experience in Bash, Linux Shell or PowerShell scripting.
- Familiarity with code versioning tools such as Git, SVN, etc.
- Innovative, creative, and extremely responsive, with a strong sense of urgency.
- Willing to share knowledge and assist others in understanding technical and business topics.
- Willingness to work outside of regular business hours as required, which can include evenings, weekends and holidays.
- High degree of ethics/confidentiality required. May be required to pass security screening.
- Working knowledge of Web Services, SOAP, JSON and XML technologies.
- Experience with ServiceNow.
- Configuration Management experience (Puppet and Chef preferred).
- Experience with application deployment automation.
- General networking knowledge.
- Experience in the Retail industry.
- Splunk Professional Certifications.
- One or more professional security certifications such as CISSP (or equivalent).
- Successful internal candidates will have spent one year or more on their current team.