Security Automation Engineer Lead
At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
Summary:
We are looking for a highly motivated and experienced Security Automation Engineer to join the Northwestern Mutual Cybersecurity team! As a member of the Security Automation team, you will play a pivotal role in shaping, designing, and building a continuous and sustainable security automation pipeline with the goal of enhancing the efficiency, effectiveness and accuracy of detection and response capabilities and reducing manual tasks for the Cybersecurity teams. This role requires a mix of coding skills, systems engineering, network security domain expertise and leadership skills.
Primary Responsibilities:
- Understand the portfolio of technologies used in threat detection and response as well as other cybersecurity areas, with an eye towards actively identifying automation opportunities and areas of improvement within the processes of NM's Cybersecurity teams with the goal of decreasing response times, increasing effectiveness and streamlining security operations.
- Work independently and with cross-functional teams representing the security automation team as the subject matter expert in technical areas and products owned by the team to help prioritize automation efforts for the internal cyberdefense teams.
- Set technical direction and lead the design, implementation and maintenance of automation processes and projects related to security events through SOAR playbooks and custom automation tools (primarily in Python and PowerShell).
- Lead efforts to design and implement the capability to track, monitor and report meaningful metrics for the Security Automation program and assist with the efforts for the delivery of accurate metrics for the rest of NM's Cyberdefense organization.
- Author project plans and documentation related to the automation of workflows for detection/response procedures.
- Guide and mentor junior team members in maintaining and improving the team's products, infrastructure, and technology stack. Mentoring also includes leading technical educational activities and freely sharing knowledge and expertise.
Required Skills:
- Bachelor's degree in Computer Science, Cybersecurity, Computer Engineering, Software Engineering, or related field
- 7+ years of previous experience with security automation and orchestration tools and software development technologies.
- 7+ years of proven professional development experience using Python, REST API best practices and usage.
- Thorough command of network security concepts, network and systems administration and software engineering technologies (i.e., web and network protocols)
- Hands-on experience architecting, automating, maintaining, and securing Cloud Computing Platforms as well as with their associated security implications - AWS and Azure experience is a plus.
- Hands-on experience with threat landscape concepts and security technologies such as SIEM, firewalls, IDR/IPS, EDR, IAM principles and others.
- Excellent written and verbal communications skills.
- Proven ability to communicate to a technical and non-technical audience (i.e. conference presentations). Experience with executive-level communications is a plus.
Preferred Skills:
- Extensive experience with Splunk SOAR (Phantom) and Splunk SIEM.
- Extensive experience with Splunk SPL queries, dashboards, and alerts.
- Extensive ServiceNow development experience.
- Practical experience with automation techniques using PowerShell, Bash, JavaScript, API calls, and regular expressions
- Additional expert coding experience in one or more programming languages - Java, C++, Go, JavaScript.
- Experience with the DevOps model, CI/CD environments, and tooling such as GitLab, GitLab CI, Terraform, Ansible, Kubernetes etc.
- Experience working in Security Operations, Incident Response, or Penetration Testing
Grow your career with a best-in-class company that puts our clients' interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.