Security Automation and Orchestration (SAO) Engineer

Job Listing No: 9740000

Position Purpose & Summary

Cargill is seeking an exceptional Security Automation and Orchestration Engineer for our growing security organization. This is a key position to strengthen the security automation capabilities which have been identified as a critical area for growth and specialization within Global IT's scope. As part of the Cyber Intelligence Operation's DevOps Team, you will be helping shape our automation efforts.

This position requires a passion for building security solutions and capabilities that enable customers to protect their organization's people and assets. Are you someone that thrives in a customer-facing role? If so, then this role may be right for you. You will collaborate with our security leadership, security engineers, Security Operations Center, Cyber Security Incident Response Team, and Cyber Intelligence Operations teams to help them use the capabilities of our Security Automation and Orchestration platform consisting of Phantom, Jira and integration to several tools. This role will be accountable for the stability, maintenance, and operation of our Phantom platform.

We are looking for engineers who can help our organization realize the potential of our Security Automation & Orchestration platform. As a trusted subject matter expert & mentor, you will help customers in their use case identification, planning, implementation, development, and training of playbooks that leverage their cyber security tools, skills, and infrastructure. Join us as we pursue our new vision to make machine data accessible, usable and valuable to everyone.

Principal Accountabilities

60% Execution

- Gather requirements and document end to end use cases to include but not limited to:
  - Working with the Cyber Threat Response Team and other Command Center teams to develop innovative integrations and playbooks
  - Work with tools like Tanium, Semantic and other security tools and their API
  - Work with Vulnerability team to understand, document and implement vulnerability related use cases
  - Work with Penetration testers to gather and implement their use cases
  - Work with Intel team to understand, document and implement use cases with MISP and other products
- Work directly with Security Information and Event Management (SIEM) Team and other security product owners to architect an end to end automation solution such as:
  - Enrich SIEM events with data from systems like LDAP, VirusTotal and others
  - Manage and write Smart responses/post processors for SIEM alarms
  - Contextualize alarms by looking at various data points and ascertain threats and alerts appropriately
- Write and maintain playbooks and Phantom apps using Python
- Train and mentor security leaders and managers, security operations teams, threat intelligence groups and incident responders on emerging tools and techniques to detect and respond to threats
- Architect and manage the mapping and integrations between various systems
- Use REST calls to various APIs to enrich and contextualize alarms
- Write and execute SQL to manipulate data in SQL databases like Postgres
- Document mapping between various integration points, document the apps that we build and the actions they perform, document the scripts that are implemented for automation
- Own and be accountable for the stability, maintenance, and operation of Phantom and its integrations

20% Collaboration

- Collaborate and support team members within the DevOps Team like Jira admins and DevOps engineers to implement world class SAO platform
- Work closely with Cyber Intelligence Operations Teams to include Vulnerability Management, Cyber Intelligence, and Cyber Scouts
- Participate in agile ceremonies to include daily scrums, demos, sprint planning, and retrospectives
- Work with security tools product owners to architect integrations and collaborate with them regarding existing features, new features, release cycles, APIs, etc.
- Work with Tanium team to help define questions
- Collaborate with SIEM platform owner and team to establish standard mapping and integration specifications
- Work with various Platform owners to make sure that the integrations are working as designed

20% Thought Leadership

- Research new emerging tools and techniques and make presentations on their merits and recommendations
- Actively participate in community forums like Phantom Community to see what the community is working on and recommend tools, playbooks and techniques that would help Cargill
- Be or become a known subject matter expert in the security automation and orchestration community
- Research new ways to detect phishing and deal with various security threats
- Work with Phantom for implementing new ideas into future product releases

Skills:

Required Qualifications

- Bachelor's degree in business, information systems or relevant degree
- In-depth knowledge of JSON, XML, SQL and/or PowerShell
- Programming using REST API is a must
- 4-6 years of relevant experience whether in information technology, information security products like Phantom, Software development, Software integrations
- In-depth Experience in:
  - Python and/or Linux scripting
  - Information security concepts or hands-on in areas such as incident management, security operations, vulnerability management, identity and access management, or network security
  - Using Windows, Linux, Unix, and/or mobile platforms
- Strong written and verbal communication skills with an ability to communicate technical details in a clear and understandable manner
- Excellent problem solving and interpersonal skills
- Must be flexible to work with global teams and working on different time zones
- Business fluency in English
- Ability to travel globally up to 20%

Preferred Qualifications

- Master's degree
- 5+ years of professional experience with malware analysis, cyber intelligence, and security operations center, managing and administering security products like Phantom, Agile software development, or other security tools
- Knowledge of other programming languages like Java is a plus
- Knowledge of Continuous Integration/Delivery, DevOps
- Admin experience with SIEM and Unix systems is a plus
- Self-starter, self-motivated, and able to work independently while following the team's mission and vision in a fast-paced operationally focused environment
- Non-English language skills
