Security Automation Engineer -2201469

Job Summary:
The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation-states to criminals. In response, the Raymond James Cyber Threat Center (CTC) is charged with ensuring all equities are secure against all tiers of adversaries. We are the central hub for Computer Network Operations and are on the front lines of security incident response, threat hunting, and intelligence. You’ll be working with emerging technologies to solve challenging security problems in a fast-paced and continually evolving environment while helping steer the direction and evolution of the team. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical security knowledge to developing new detective measures to protect the firm. The Cyber Threat Engineer (CTE) is a primary member of the Cyber Threat Center (CTC) who understands cyber threat intelligence collection and production requirements, Incident Response procedures, and orchestration principles. The CTE can effectively leverage this knowledge to automate cyber threat intelligence requirements through the CTC’s Security Orchestration Automation and Response (SOAR) processes within ServiceNow.

Essential Duties and Responsibilities:
• Agile development & maintenance of automation script/tools to scale cybersecurity work across the organization
• Develop custom integrations, data correlation, and processing strategies to reduce cybersecurity risk
• Act as a Subject Matter Expert for the automation team Excellent problem-solving and conceptual thinking abilities
• Ability to quickly learn new cybersecurity concepts. Passionate about cybersecurity and self-driven to become an expert
• Maintain situational awareness for cyber threats across the global firm and take action where necessary.
• Maintain knowledge of security principles and best practices, and remain current with emerging threats and trends.
• Assists teams in various security and privacy risk mitigation efforts; including incident response.
• Design automated actions to validate, contain, eradicate, and remediate security incidents.
• Update and maintain security orchestration, automation and response content
• Collaborate with cross-functional teams to design, prioritize, and implement orchestration use cases to strengthen the security posture of the organization
• Collect, enrich, and leverage data from third party and proprietary security tools to customize plans.
• Ensure timely and effective identification of anomalies and drive continuous improvement of existing scripts and subtasks that enable broader playbook execution

Experience and Skills:
• B.S. in Computer Science, Computer Engineering, MIS, or related degree and a minimum of 1-3 years of related experience in Information Security or an equivalent combination of education, training and experience.
• Experience should include one or more years of programming experience with at least one modern language such as JavaScript or Python
• Systems administrator experience in Linux, Unix, Windows or OSX operating systems
• Knowledge of networking and the common network protocols
• Experience with API development and integration preferred
• ServiceNow Security Operations Module Development is a plus, will provide training

Licenses/Certifications:
• One or more of the following certifications preferred but not required: CISSP, SANS GCIH (Incident Handler), SANS GCIA (Intrusion Analyst), Offensive Security Certified Professional (OSCP)

Competencies and Behaviors:
• Analysis: Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions.
• Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
• Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints and probable consequences.
• Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill or knowledge in position-related areas; remains current with developments and trends in areas of expertise.
• Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals.

We expect our associates at all levels to:
• Grow professionally and inspire others to do the same
• Work with and through others to achieve desired outcomes
• Make prompt, pragmatic choices and act with the client in mind
• Take ownership and hold themselves and others accountable for delivering results that matter
• Contribute to the continuous evolution of the firm

At Raymond James – we honor, value, respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic self, our organization, clients and communities thrive, it is part of our part of our people-first culture. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business.