Information Security Engineer

**Job Description:** Operational security automation involves automating some or all aspects of SOC or VOC operations, thereby replacing manual workflows with automated ones. The fundamental building block of automation in this context is the security playbook. A playbook outlines the workflow steps that teams will take to address different types of security alerts or events. By developing playbooks in advance, teams can avoid the need to create a response plan every time an alert or event occurs. **Key Responsibilities:** - Scripting and workflow development following proper engineering and integration lifecycles (design, create, test, document, integrate, monitor, maintain), with a focus on reusability. - Creating and integrating APIs to establish orchestrated workflows. - Autonomously planning daily security automation operations to ensure targets are achieved. - Identifying and recommending necessary changes to operational security teams to enhance automation, orchestration, maximize team talent, and reduce routine tasks. - Ensuring that operational security automations align with business and technical requirements, are maintainable, scalable, and meet performance standards. - Bringing external perspective and ideas from relevant sources, staying current with technology and industry best practices in the security industry threat landscape. - Communicating technical and functional requirements effectively, efficiently, and creatively, with a high degree of collaboration and influence. - Collaborating with in-house teams to determine the appropriate mix of tools, techniques, and procedures to translate organizational needs and future goals into a secure and effective plan. **Qualifications Required:** - 10+ years of experience in Information Security with a focus on operational security. - Experience with agile project management processes and methodologies. - Mandatory 3 years of experience with one of the following SOAR vendor platforms (Tines, Swimlane). - Ability to work autonomously. - Advanced research, analytical, and problem-solving skills. - Masters degree in Computer Science, Information Security, or a related field. **Job Description:** Operational security automation involves automating some or all aspects of SOC or VOC operations, thereby replacing manual workflows with automated ones. The fundamental building block of automation in this context is the security playbook. A playbook outlines the workflow steps that teams will take to address different types of security alerts or events. By developing playbooks in advance, teams can avoid the need to create a response plan every time an alert or event occurs. **Key Responsibilities:** - Scripting and workflow development following proper engineering and integration lifecycles (design, create, test, document, integrate, monitor, maintain), with a focus on reusability. - Creating and integrating APIs to establish orchestrated workflows. - Autonomously planning daily security automation operations to ensure targets are achieved. - Identifying and recommending necessary changes to operational security teams to enhance automation, orchestration, maximize team talent, and reduce routine tasks. - Ensuring that operational security automations align with business and technical requirements, are maintainable, scalable, and meet performance standards. - Bringing external perspective and ideas from relevant sources, staying current with technology and industry best practices in the security industry threat landscape. - Communicating technical and functional requirements effectively, efficiently, and creatively, with a high degree of collaboration and influence. - Collaborating with in-house teams to determine the appropriate mix of tools, techniques, and procedures to translate organizational needs and future goals into a secure and effective plan. **Qualifications Required:** - 10+ years of experience in Information Security with a focus on operational security. - Experience with agile project management processes and methodologies. - Mandatory 3 years of experience with one of the following SOAR vendor platforms (Tines, Swimlane). - Ability to work autonomously. - Advanced research, analytical, and problem-solving skills. - Masters degree in Computer Science, Information Security, or a related field.