Security Automation Engineer
US Remote or Canada
The Security Automation Engineer is a hands-on team player who provides technical security guidance and leadership and is responsible for advancing security operations technologies and processes through automation and integration of threat detection and protection solutions across enterprise multi-cloud and on-premises environments. This individual is responsible for creating, testing and maintaining automation scripts/workflows within a SOAR platform, in alignment with the security program, including but not limited to access control, identity management, regulatory compliance (SOX, PCI), privacy (GDPR, CCPA), network technologies, cryptography and operations. This position will develop solutions that enhance information security processes and procedures in support of all businesses within the company. This role identifies security gaps, develops controls, determines functional and non-functional security requirements and designs solutions that meet business objectives while complying with security standards to achieve Security-by-Design principles based on the needs of the business and organizational security requirements.
This position reports directly to the Director, Information Security and Compliance.
- Manage security projects and/or initiatives.
- Develop, design, build, deploy and support secure and well-orchestrated automated security solutions, in multi-cloud, private cloud or on-prem, using native, open source or standard toolsets.
- Integrate SOAR platform with other security tools and APIs to execute automated workflows.
- Design, implement, and maintain efficient and reusable code
- Review, debug, and resolve technical issues throughout all stages of SDLC
- Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions.
- Follow Magic Leap security standards and strategic roadmaps.
- Provide technical support for security initiatives involving security infrastructures, frameworks, methodologies, and/or platforms.
- Participate in and recommend gap remediation efforts with regard to Information Security.
- Conduct security reviews of security infrastructures, frameworks, methodologies, and/or platforms and produce detailed documentation.
- Provide security automation, secure software development and integrations recommendations and guidance to stakeholders.
- Assist with security incidents that Magic Leap may face in alignment with our incident response plan
- Participate in the testing of security solutions and report observations to Security Management.
- Mentor and train junior security team members
- Help educate peers, security personnel, and other security staff about security automation, secure software development, integrations, infrastructures, frameworks, methodologies, and/or platforms.
- Support information security implementations & promote Information Security policy enforcement throughout Magic Leap.
- Investigate the potential impact of technologies and communicate findings to Security Management.
- Develop basic secure standards, requirements, diagrams, and/or documents for security automation, secure software development, integrations, infrastructures, frameworks, methodologies, and/or platform needs.
- Review technical solutions and make recommendations in alignment with security requirements.
- Collaborate with various security teams on Automation, secure software development, integrations, infrastructure, frameworks, methodologies, and/or platform needs.
Required Technical Skills:
- 5 years of experience in the IT field, information security, software development, automation, security event monitoring, incident response, eDiscovery, forensics, infrastructure administration, compliance, security administration, audit and/or risk.
- 3+ years SOAR, software development, cloud infrastructure operations or information security experience.
- Experience with SOAR platforms such as Phantom, Demisto, Cortex XSOAR, etc.
- Deep knowledge of DevSecOps practices, including experience with CI/CD.
- Experience with Infrastructure as code, Terraform
- Experience with containers (Docker, ECS, Kubernetes)
- Experience with the AWS CLI, Gcloud CLI.
- Experience with Security best practices and information security governance.
- Deep understanding of information security controls.
- Experience supporting IT security principles, frameworks and tools like NIST, CIS, OWASP top 10, SANS top 25.
- Deep knowledge of Cloud infrastructure, network and security layers.
- Experience in various scripting and programming languages (Python, Go, Bash etc.)
- Understand Linux, Windows and Mac environments.
- Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten
- Understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies
- Familiarity with information security investigations and forensics. Experience with Penetration Testing and tools
- Familiarity with legal, regulatory and industry security requirements and frameworks, including, but not limited to, the following: International Organization for Standards (ISO/IEC 27001) & Payment Card Industry - Data Security Standards (PCI - DSS).
- Team player who is able to work effectively at all levels of an organization with the ability to influence others to move toward consensus
- Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work products
- Highly self-motivated, strong attention to detail, with strong analytical and problem-solving skills
- Strong verbal and written communication skills
- Strong interpersonal and conflict management skills
- Bachelor’s degree in Information Systems or related degree, or equivalent job experience
- At least two industry standard certifications such as GSEC, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or other security vendor certification.
All your information will be kept confidential according to Equal Employment Opportunities guidelines.