As a Sr. Security Engineer, you will work on a team responsible for developing SIEM content to monitor and detect cyber security threats and incidents, and for building out semi-automated response capabilities for those threats in a SOAR platform. You will be part of the first line of defense for the enterprise cyber security posture, responsible for SIEM content management, content creation, rule tuning, reporting, and process documentation.
Additional responsibilities of the Sr. Security Engineer may include:
- Handling cloud-based security incidents from identification through containment, eradication, recovery, and reporting
- Performing inbound security event analysis in an industry-leading SIEM to investigate and respond to security incidents, and to identify tuning, use case, automation, process improvement, and content development opportunities
- Creating, reviewing, and validating daily compliance reports to track business-as-usual and out-of-policy activity
- Creating thorough use case, playbook, Standard Operating Procedure (SOP), and training documentation
- Identifying cyber security processes that can be improved through automation, then working collaboratively with network security, engineering, product, and infrastructure teams to build automated tasks for security appliances via API calls, leading to practical process improvements and better overall security effectiveness
- Researching new security technologies and their applications to SIEM, SOAR, and cloud environments
- Working with the Security Operations Center (SOC) to identify content improvement opportunities
- Assisting the SOC with searches by acting as an expert in the Splunk Search Processing Language (SPL)
- Participating in an on-call rotation that provides 24/7 support
- Writing scripts to automate daily SOC tasks
- Mentoring and teaching junior and mid-level analysts
Qualifications:
- 5+ years of IT experience
- 3+ years of Cyber Security, SIEM or SOAR experience
- 1+ years of experience with three or more of the following security-related technologies in a professional or academic setting: Intrusion Prevention Systems, Security Orchestration, Automation and Response (SOAR), Cloud Security, SIEM, UEBA, Web Proxies, Firewalls, Web Application Scanners, Sandboxes, Scripting, Vulnerability Scanners, Malware Research Tools, or Forensics Tools
- Prior SOC or Cyber Security Analyst experience in a SIEM oriented team
- Experience with cloud computing and cloud technologies
- Scripting or development experience, with a strong understanding of Python and PEP 8 standards
- One or more certifications, including but not limited to Network+, Security+, CySA+, CCSP, CCSK, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, Splunk ES Admin, AWS, Microsoft Azure Security Engineer, or equivalent
- Experience with networking concepts & protocols (TCP/IP, UDP, DNS, DHCP, HTTP, etc.)
- Experience with operating system architecture (Windows, UNIX, Linux)
Bachelor’s degree or equivalent experience preferred
At Aetna, a CVS Health company, we are joined in a common purpose: helping people on their path to better health. We are working to transform health care through innovations that make quality care more accessible, easier to use, less expensive and patient-focused. Working together and organizing around the individual, we are pioneering a new approach to total health that puts people at the heart.
We are committed to maintaining a diverse and inclusive workplace. CVS Health is an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring or promotion based on race, ethnicity, gender, gender identity, age, disability or protected veteran status. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities.
- Address: Hartford, CT, USA
- Salary offer: $100,000 ~
- Experience level: Senior
- Total years of experience: 0-5
- Academic degree: Bachelor's