Developing automation workflows, the successful candidate will develop playbooks within a Splunk SOAR/Ansible environment to triage, alert or otherwise automate manual processes.
The security platform engineer will be responsible for supporting and managing existing security technologies that are currently deployed globally across Sun Life.
The successful candidate will work on security initiatives and enterprise level projects performing proof of technology/concept asks, implementing new security controls and capabilities into existing technologies and be responsible to deploy, support and maintain new security technologies and platforms.
Meet with stakeholders to help refine the requirements for new automation workflows.
The security platform engineer will be part of a 24x7 on-call support team and be required to join major incident management calls to provide support and consultation for technologies supported by the team.
Continuously improve upon operational and security platform process activities.
Smoothly transition and operationalize each project as the implementation phase ends. This includes developing roles & responsibilities (RACI) documents and educating the teams who will be performing the day-to-day BAU (business as usual) work.
Document, update and maintain cyber security playbooks, policies and knowledge base articles used to support the established Incident Management and CSIRT processes.
Requirements
An Information Technology University degree/college diploma in related discipline(s) or equivalent work experience, and/or 5 years' experience in Information Technology
2-3+ years of security IT industry experience
Professional designation in IT security (such as CISM, CISSP, CISA, GIAC, AWS or CompTIA) preferred.
Experience with SOAR tools (Splunk SOAR, Cortex XSOAR, etc.)
Experience with Ansible development.
Development experience (Python, YAML, JavaScript, etc.)
Experience planning, researching, and developing security policies, standards, and procedures.
Knowledge of one or more: end-point detection and response, intrusion detection, crypto technologies, certificate management, email security, web content filtering technologies, cloud security.
Knowledge of Security Information and Event Management platforms including log types.
Experience with Windows and Linux based operating systems.
Experience in deploying enterprise level technology via managed projects.
Knowledge of networking technologies, firewalls, web application firewalls and intrusion prevention systems.
Knowledge of cloud technologies.
Knowledge of disaster recovery technologies and methods.
Strong communicator, spoken and written, with the ability to communicate technical issues to peers and management.
Tech Stack
Ansible
AWS
Cloud
Cyber Security
Firewalls
JavaScript
Linux
Python
Splunk
Benefits
Wellness programs that support the three pillars of your health – mental, physical, and financial
The opportunity to move along a variety of career paths with amazing networking potential.
As a hybrid organization, you and your leader use business and Client needs to choose where you work, at home or in the office.