Security Automation & Orchestration Senior Engineer - Dell Secureworks - Bucharest, Romania
Bucharest, RomaniaJob ID R35186 Date posted Mar. 20, 2019
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
You will review and consume reports and artifacts relating to the tactic techniques and procedures of threat actors and design automated actions to accelerate the validation, containment, eradication and remediation of security incidents. Automation and Orchestration engineers will be familiar with many leading security tools and industry standard scripting languages. Automation and Orchestration team will create, maintain and manage a library of response plans to common information security threats and customize these plans for client specific environments. In addition to the InfoSec relationship to the role, the Automation and Orchestration Engineer will also be responsible for designing and developing internal automation efficiencies for Operations
- Perform regular updates of existing Playbooks based on changes in the Threat Landscape or a clients security controls.
- Drive continuous improvement of existing playbooks to address new threats and tactics employed by attackers.
- Manage an inventory of subtasks that enable broader playbook creation.
- Produce new playbooks as threats change and new security tools and controls emerge in the market place.
- Perform regular reporting on the usage of playbooks and the effectiveness of a playbook to conclusion.
- Monitor the health of the playbook and connector environment and respond to issues as they arise
- Develop logic that bridges connectors, tasks and human input to accelerate the response to escalated security incidents and create efficiencies for internal teams
- Develop and deploy connectors that collect, enrich and leverage data from third party and proprietary webservices using internal pipeline
- Participate in client meetings to further optimize their specific operational plan based on our best practices and operational learnings.
- Participate in on-call rotation to support the automation and orchestration capabilities
- Provide L2 support for internal and external client needs
- Proven background in creating automation tools, automating web based services is a plus.
- Strong background working with JSON data structures
- Familiar with Ansible
- Familiarity with *nix-based command line tools.
- Working knowledge of Regular Expressions (Regex)
- Solid knowledge of REST API best practices and usage.
- Strong technical communication skills, both written and verbal.
- Effective time management and organizational skills.
- Team player with the ability to work autonomously in a fast-paced, dynamic environment, often with ambiguity.
- Passionate about information security and service excellence.
- Ability to travel occasionally for client-site visits, team on-sites and strategic planning.
If you’re keen to work on diverse and highly complex information security problems, this is your opportunity to develop with Secureworks.
Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.