Job Description
The Information Security Splunk/SIEM Engineer is part of the Cybersecurity Operations team and will be responsible for maintaining and administering the Splunk environment, which consists of search heads, indexers, deployers, deployment servers, heavy/universal forwarders, and Splunk Enterprise Security, spanning security, performance, and operational roles. The Engineer should be proficient at recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards that highlight the key trends in the data. The Splunk Engineer should be proficient within a Linux environment, editing and maintaining Splunk configuration files and apps.
In addition to supporting the SIEM environment, the Information Security Engineer will also help investigate and triage security alerts and participate in the team's on-call schedule. This role will have an opportunity to grow within the Cybersecurity space and learn other security tools, processes, and procedures.
Organizational Relationships:
The role is part of the Security Operations team and works with the Information Technology team and the business to support secure information process and technology as it relates to logging and alerting.
Job Responsibilities include:
- Work with the Sr. Engineer to support, maintain, and enhance the current SIEM solution.
- Maintain and improve current logging and alerting.
- Support security operations activities: responding to alerts, participating in the on-call schedule, and owning and supporting security tools.
- Analyze logs; identify, recommend, and improve current logging requirements; and help oversee the SIEM environment, logging, and alerting.
- Participate as part of the Information Security Operations team. Some after-hours and weekend work required.
- Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to Intrusion Detection System/Intrusion Prevention System (IDS/IPS) (Host/Network/Wireless), secure file transfer, Data Loss Prevention (DLP), full disk encryption, firewall rule assessments, log management/correlation, secure password storage/retrieval, application whitelisting, vulnerability management, threat hunting, etc.
Experience
- 2-3 years investigating and documenting security incidents.
- Experience with Windows servers
- Experience with Linux servers
- Experience with cloud storage configurations and capabilities
- Experience with syslog-ng
- Experience with regular expressions
- Knowledge of Python
- Splunk Enterprise Security Experience Preferred
- Demonstrate behaviors consistent with the Company’s Vision, Mission, and Values in all interactions with customers, co-workers, and suppliers.
- Adheres to all company policies, procedures, and safety standards
Qualifications:
- B.S. degree preferred in Computer Science, Information Technology, or related field of study; or any equivalent combination of relevant background, skills and experience.
- 2-3 years' relevant experience in Information Security in medium to large organizations.
- High degree of proficiency in MS Office Suite, Outlook, and Internet applications.
- Strong analytical, prioritizing, interpersonal, problem-solving, presentation, project management (from conception to completion), and planning skills.
- Strong verbal and written communication skills.
- Strong negotiation/mediation skills.
- Demonstrated collaborative skills and ability to work well within a team.
- Ability to work in a fast-paced and deadline-oriented environment.
- Self-motivated with critical attention to detail, deadlines and reporting.
Next Possible Position: Senior Engineer, Information Security
Physical Requirements:
- Extended working hours may be required as dictated by management and business needs.
- Ability to travel (25%) to multiple facilities as business needs dictate.
- May be required to lift, push, or pull materials weighing up to twenty (20) pounds.
- May be required to sit and review information on a computer screen for long periods of time.
- May require repetitive motions of the hands and wrist related to writing and typing at an electronic keyboard.
The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job. Incumbents may be requested to perform job related tasks other than those specifically presented.
AutoNation is an equal opportunity employer and a drug-free workplace.
Company Overview
Join us as we pave the way to moving our company, our communities and our industry forward. Apply today at a location near you or wherever you dream the road will take you.
More Information
- Address: Fort Lauderdale, FL, USA
- Salary Offer: $100.000 ~
- Experience Level: Junior
- Total Years Experience: 0-5