Job Description
We are looking for an Information Security Engineer experienced in Cloud/SOAR development to work in a dynamic and exciting new position reporting to the Security Operations Center Manager of our FortiGuard Responder MDR Services. Our team is comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics, and threat actor TTPs. In this very dynamic role the engineer’s main objective is to build exciting new solutions to routine manual processes across a variety of tools and disciplines, leading the evaluation, integration and testing of new cyber tools and technologies. You should see different technologies as a means to an end and be well practiced at hunting for a solution through unfamiliar territory.
To be successful in this role the candidate must possess strong cross-platform development skills and be able to work under tight timelines.
Responsibilities:
- Work closely with a small team to build and maintain a public-facing GDPR-compliant cloud platform leveraging FortiSOAR and AWS
- Work closely with the Security Operations Center (SOC), Incident Response, and Threat Hunting teams to improve existing automation and deliver resilient security solutions
- Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies
- Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event
- Develop custom scripts to automate current detection and response workflows
Required Skills:
- Experience building and maintaining a highly available 24×7 enterprise operational environment
- Experience designing, building, and managing infrastructure in AWS, including cross-region deployment
- Experience monitoring daily system performance and responding immediately to security or usability concerns
- Experience with Security Orchestration, Automation and Response (SOAR) tools and technologies
- Experience with Python scripting language for automating security operations and incident response processes
- Experience with operating system internals for both Linux and Windows platforms
- Experience with commercial Enterprise Detection and Response (EDR) platforms
- Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre- and post-exploitation phases of attack lifecycles
- Strong understanding of security architecture, tool integration, API development and automation
- Experience managing complex security solutions in large environments
- Experience building and managing a public-facing GDPR-compliant cloud platform
- Understanding of Incident Response processes
- Understanding of common SOC and SOAR processes and workflows
- Understanding of load balancing, TCP/IP, and basic networking concepts such as IP, DNS, HTTP, and LDAP
- Experience using FortiSIEM, Splunk and/or other SIEMs
- Security community contributions (blog posts, white papers, conference talks, tool development, etc.)
- Exceptional communication skills
- Exceptional organizational skills
- A positive attitude with lots of initiative, and a love of problem solving
Education:
- Minimum Bachelor’s degree in information systems, information security, computer science, engineering, or similar technical field of study
- 5+ years’ experience with Cloud/SOAR development
More Information
- Address: Sunnyvale, CA, USA
- Salary Offer: $100,000 ~
- Experience Level: Senior
- Total Years Experience: 5-10