Senior Security Platform Engineer

Summary

Join At-Bay's Security team as a Senior Security Platform Engineer and leverage your cybersecurity expertise to design, deploy, and maintain integrated security automation solutions. You will collaborate with security monitoring and incident response teams to identify opportunities for automation, develop custom solutions, and create user documentation. This role requires hands-on experience with various enterprise cybersecurity platforms and scripting languages. At-Bay offers a unique opportunity in the InsurSec market, serving 35,000 customers and experiencing 5X fewer ransomware attacks. The position is open nationwide in the USA.

Requirements

• Hands-on experience operating, tuning, implementing, and/or maintaining one or more enterprise cybersecurity platforms including: SIEM (e.g., Splunk, Elastic Security, Securonix, etc.), SOAR (e.g., Splunk SOAR, Swimlane, Cortex XSOAR, Tines, etc.), Data loss prevention (DLP) (e.g., Forcepoint DLP, Symantec DLP), EDR (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender, etc.), Intrusion detection / prevention, Malware analysis (e.g., Joe Sandbox, Cuckoo), Identity management (e.g., Okta, Auth0, OneLogin, etc.), Workflow management (e.g., ServiceNow, SalesForce, etc.), Cloud security (Amazon GuardDuty, Microsoft Sentinel, etc.)
• Hands-on experience working in information technology operations (i.e. Network Operations Center or Security Operations Center)
• Minimum of 2 years of experience in cybersecurity engineering / operations OR 1 year of experience with designing cybersecurity automation playbooks and implementing automation workflows using SOAR tools
• Experience with one or more scripting languages (e.g., Python, JavaScript, Ruby, etc.)

Responsibilities

• Collaborate with team members performing security monitoring and incident response duties to identify opportunities to streamline security operations by automating workflows using existing tools and available data
• Develop identified opportunities into custom automation solutions such as workflows and stand-alone scripts
• Develop requirements for custom automation solutions
• Implement and test custom automation solutions
• Develop user documentation for custom automation solutions
• Perform handoff to delivery teams of custom automation solutions
• Maintain automation solutions
• Ideate and develop automation playbooks for a variety of detection and response use cases

Preferred Qualifications

• Bachelor’s degree or equivalent with significant coursework in computer science, computer engineering, information systems, or cybersecurity
• A mix of security operations, security engineering, cloud security and security automation experience
• Experience with agile methodologies and/or DevOps
• Experience with continuous integration tools (e.g., Gitlab CI, Jenkins, Cmake)
• Expertise in application development frameworks, build systems and ability to integrate tools into the CI infrastructure
• Experience with cloud security including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, GCP)