Security Engineer

Summary

Join Experian as a Security Engineer and collaborate with cross-functional teams, including threat intelligence analysts and SOC analysts. You will leverage your information security expertise in incident response and understanding of security log feeds to enhance our SIEM. Key responsibilities include understanding and improving data feeds from multiple security tools, creating new content use cases, managing the content lifecycle, improving application vulnerabilities, identifying capability gaps, developing parsers and scripts, participating in root cause analysis, and providing recommendations for data sources. This role requires 5+ years of experience in security or site reliability engineering, along with specific skills in Terraform, CI/CD pipelines, programming/scripting, ETL onboarding, Splunk administration, REST API development, and Agile methodologies. The position offers a remote work option within the US, a competitive compensation package, core benefits, and a flexible work environment.

Requirements

• 5+ years experience in security engineering or site reliability engineering
• Excellent Terraform skills required and experience with Cloud Migration
• Experience working with and developing CI/CD pipelines for Infrastructure as Code required
• Knowledge of programming/scripting fundamentals (python/golang) required
• Expertise in performing ETL onboarding for diverse log feed technologies required
• Experience supporting a Splunk platform administration, new content dashboards, applications, and use cases
• Hands-on experience developing Rest API's to capture data from external sources
• Experience with Agile methodologies
• Understanding of multiple log formats and source data for SIEM Analysis
• Solid background with Windows and Linux platforms (security or system administration)

Responsibilities

• Understand data feeds of multiple security tools and logs that feed the SIEM & UEBA technologies. Identify capabilities and quality of these feeds and recommend improvements
• Create new content use cases based on threat intelligence, analyst feedback, available log data, and previous incidents
• Perform daily activities of the content life cycle, including creating new use cases, testing content; tuning, and removing content; and maintain associated documentation
• Improve vulnerabilities in the different application environments
• Work with the other security teams and product SMEs to identify gaps within the existing capability
• Develop parsers/field extractions to facilitate reliable content development
• Develop custom scripts to enhance default SIEM functionality
• Participate in root cause analysis on security incidents and provide recommendations for new data sources and enrichment

Benefits

• This role is remote from within the US
• Great compensation package and bonus plan
• Core benefits including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remote, hybrid or in-office
• Flexible time off including volunteer time off, vacation, sick and 12-paid holidays