Job Description
This role will focus on engineering detections of cyber attacks against the enterprise and supporting a world-class incident response team. An engineering mindset will be required to deliver high-quality solutions for our internal security operations teams. The day-to-day will consist of utilizing Agile processes with a strong bias towards utilizing the ServiceNow platform. Coordinating with several peer teams on development status will be a significant key to success. This person will need a combination of technical development and customer support skills in order to thrive in a hyper-collaborative environment.
This is a high-visibility role that will be critical for scaling threat detection and response functions into the next generation.
What you get to do in this role:
- Build threat detection use cases leveraging threat intelligence and incident response data.
- Document products and deliver demos to operational teams.
- Work directly with security platform engineering teams, platform development teams, and product managers on requirements and future product roadmaps.
- Collaborate with other detection engineers and incident responders on new detections.
- Design and build systems in a variety of public cloud ecosystems.
- Provide input on future products for a digital transformation cloud company.
- Work with a data scientist on training novel ML models for detection use cases.
Qualifications
- Overall 8 years of experience in Security Engineering or Security Operations.
- At least 3 years of experience writing advanced power user queries in Splunk, including creating field extractions with regex.
- At least 1 year of experience working with public cloud technology SaaS (AWS/Azure/GCP).
- Bachelor's degree in a technical science or equivalent project/work experience.
- Familiar with incident response / digital forensics processes.
- Knowledge of or experience in SOAR (Security Orchestration, Automation and Response) concepts.
- Experience in or working directly with security operations teams.
- A high degree of interpersonal skill will be required, given this role will interact with many teams.
- Familiarity with the ServiceNow platform is preferred.
- Open mind for exploring new ideas for automating repetitive manual tasks.