Info Security Ops Engineer II

5 - 9 years

0 Lacs

Posted: 1 week ago | Platform: Shine

Work Mode

On-site

Job Type

Full Time

Job Description

You will be a cornerstone of the Global Security Operations Center (GSOC) as a SOC Detection Engineer II at Blackhawk Network. Your role is crucial in advancing the cybersecurity posture by engineering next-generation detection capabilities specializing in Splunk Enterprise Security (ES) and Splunk SOAR. You will also lead in utilizing AI and Generative AI to proactively identify and neutralize security threats, including sophisticated fraud schemes.

**Responsibilities:**

- Design, develop, and manage high-fidelity detection logic in Splunk ES and SOAR for enterprise and product security operations.
- Build predictive and behavioral-based detections using AI/ML models and GenAI, moving beyond traditional methods.
- Proactively hunt threats by operationalizing threat intelligence, developing hypotheses, and using advanced data analytics and anomaly detection.
- Continuously enhance the detection portfolio by mapping capabilities to frameworks like MITRE ATT&CK, identifying gaps, and optimizing existing logic.
- Develop Python scripts for custom automation in Splunk SOAR playbooks and integrations.
- Utilize GenAI to enhance security orchestration, such as generating incident summaries or recommending response actions.
- Automate complex security tasks to increase operational efficiency and reduce mean time to respond (MTTR).
- Integrate and operationalize threat intelligence from platforms like Recorded Future, Rapid7 Threat Command, and Anomali into detection and automation workflows.
- Collaborate with threat intelligence analysts to enrich threat data for contextualized and actionable detections.
- Engineer and enhance security monitoring and detection capabilities for AWS cloud environments.
- Ensure seamless integration of security detection into cloud infrastructure and CI/CD pipelines in collaboration with cloud operations teams.

**Qualifications:**

- Deep expertise in Splunk ES and Splunk SOAR, Python scripting, AI/ML, and GenAI in a security context.
- Extensive experience in managing and securing AWS environments and utilizing threat intelligence platforms.
- Proficiency in modern SOC methodologies, threat landscapes, and cybersecurity frameworks.
- Strong background in proactive threat hunting, incident detection, and mitigation strategies.

**Preferred Qualifications & Certifications:**

- Bachelor's degree in Computer Science, Information Security, or related field.
- Advanced cybersecurity certifications like CISSP, GIAC, Splunk SOAR Certified Automation Developer, or AWS Certified Security - Specialty are preferred.

You are expected to demonstrate curiosity, adaptability, and successful implementation of AI tools to enhance work, improve processes, and deliver measurable results. The company values continuous learning and the integration of AI to create a meaningful impact for employees and the future of work.
