Job description


  • Entry level
  • No Education
  • Salary to negotiate
  • Port Charlotte


  • Functional Area: IT - Information Technology
  • Estimated Travel Percentage (%): Up to 25%
  • Relocation Provided: No

AIG Employee Services, Inc.

Security Automation Engineer

  • Estimated Travel Percentage (%): Up to 10%
  • Relocation Provided: No

The Security Automation Engineer will be responsible for deploying, tuning and maintaining automated security response and incident management platforms to manage high volume, repeatable security response workloads. In addition, this position will build out the functionality necessary to develop security response tickets to replace the existing platform.

This position is a hands-on role that requires knowledge of security orchestration automation and response (SOAR). The candidate must understand security and event response processes in order to effectively design the workflows that will enhance security operations and centralize response with the benefit of automation. In this role, the candidate will work with the cyber security teams in order to develop a comprehensive understanding of how the cyber security teams manage the alerts requiring action or investigation.

The successful candidate will demonstrate strong knowledge of and experience with the general information security controls employed to operate within a state of the art cyber incident response team, as well as the ability to identify, test and implement automated actions and the management of the security incidents. The successful candidate will have demonstrated expertise in all aspects of security incident response and the technologies leveraged for this purpose. The candidate will have at least 4 years of experience working in an enterprise security engineering environment providing comprehensive solutions and approaches to solving the challenges associated with a large, complex, global ecosystem requiring strong security controls and rapid response while minimizing the potential for impact to the business processes.

KEY RESPONSIBILITIES AND DUTIES:

  • Design, configure, manage and maintain the security orchestration automation and response platform.
  • Utilize the tools to build an incident response platform that is easily leveraged by the cyber response teams so they can manage the daily workload effectively.
  • Perform security related tasks, including the day-to-day administration of the SOAR platform.
  • Develop the automation workflows and thoroughly test the workflows to ensure the actions performed are aligned with the expected outcomes needed to ensure an effective incident response platform.
  • Work with the security analysts and content management teams to ensure data ingested by the SIEM is useful, reduces white noise, and is properly leveraged and actioned for incident response.
  • Perform security analysis of alert patterns and adjust workflows and procedures to account for misfires.
  • Determine and implement appropriate levels of security configuration, controls and monitoring.
  • Develop quality program metrics to measure program performance as well as enterprise risk. This data must provide actionable intelligence to help drive and track progress of the security response program.

QUALIFICATIONS:

Required Skills:

  • Bachelor's degree in Information Systems (or related field) or equivalent experience.
  • 4+ years in a security engineering and operations enterprise environment.
  • 2+ years using Python to develop scripts in a production environment.
  • Experience in leveraging REST API interfaces in Python scripting.
  • Experience implementing security orchestration, automation and response (SOAR) technologies.
  • Understanding of Security Information and Event Management (SIEM) with knowledge of log collection, parsing of log files and how this data can be effectively used to mitigate risk and respond to threats.
  • Moderate proficiency using data aggregated to a SIEM (security information event monitoring) and the ability to define and develop queries against that data.
  • Good understanding of query optimization against large data sources so as to not cause performance impacts to the system.
  • Proficiency in defining workflows/process execution flows in a business process management style.
  • Understanding of security capabilities such as network firewalls, endpoint detection & response, traffic proxies, and mail security gateways.
  • 4+ years’ experience managing Red Hat Linux server instances.
  • 2 years’ experience in troubleshooting Docker containers.
  • Experience troubleshooting server and application performance.
  • Working knowledge of operating systems, applications, and security architectures.
  • Strong analytical and organizational skills.
  • Excellent verbal and written communication, problem solving and time management skills.
  • Ability to work efficiently and productively with minimal guidance or direction.
  • Strong team player with initiative and ability to take charge of their area of expertise.
  • Ability to clearly and effectively communicate concerns, issues and research to other teams.

Desired Skills:

  • One or more IT Security related certifications is highly preferred, such as CISSP, SSCP, CCIE, CISM or CEH.

It has been and will continue to be the policy of American International Group, Inc., its subsidiaries and affiliates to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

At AIG, we believe that diversity and inclusion are critical to our future and our mission – creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives.
