Key skills
Cyber SecurityFirewallsPythonSplunkIAMNegotiationNetwork Security
About this role
Role Overview
- Owning the security lifecycle and effectiveness across the Core, Edge, and Access networks, as well as all systems and network functions within GN&T.
- Advancing our security posture through real-time Threat Monitoring & Detection using SIEM tools like Splunk.
- Leading Incident Response efforts during a breach.
- Managing the continuous Vulnerability Management lifecycle across networks and applications.
- Defining and implementing robust Security Architecture, including firewalls, encryption, centralized Identity and Access Management, and Multi-Factor Authentication (MFA).
- Possessing advanced Threat Hunting skills, including Advanced Networking & Protocol Analysis, Endpoint & Memory Forensics, Data Science & Querying, and demonstrable experience in Automation & Scripting to enhance our Cybersecurity tooling.
- Identifying technology gaps to lead in the design, architecture, and implementation of appropriate security solutions.
- Creating formal guidelines, policies, and procedures to ensure smooth and error-free operations.
- Implementing strategic solutions in a highly scalable environment.
- Partnering across the Operations, Engineering, and Planning organizations to ensure secure design patterns are embedded into new deployments and major changes.
- Working independently on strategic technical challenges.
- Identifying opportunities to mentor junior engineers, guide, and delegate technical documentation/tasks to support the team and broader organization.
- Communicating clearly and effectively, articulating complex technical concepts to diverse internal and external audiences.
- Assisting network security incident response activities including triage, containment, eradication, and recovery for disruptive threats.
- Assisting with building and refining incident playbooks and response runbooks, ensuring repeatable workflows for high-impact scenarios (ransomware, phishing, insider threat, DDoS, etc).
- Serving as escalation support for security related investigations, providing expert-level analysis and guidance during active incidents.
- Executing root cause analysis and producing clear incident reports outlining timeline, impact, evidence, and remediation recommendations.
- Conducting proactive threat hunting across the identity, endpoint, network telemetry to uncover adversary behavior and reduce dwell time.
- Creating and tuning threat detections using SIEM (Security Information and Event Management) to improve alert fidelity and reduce false positives.
- Driving continuous improvement of network visibility and telemetry collection to strengthen detection and response capabilities.
- Performing regular security control assessments validating configuration effectiveness and closing gaps discovered during incidents or hunts.
Requirements
- Bachelor’s degree or Four or more years of relevant work experience.
- Two or more years of relevant work experience, demonstrated through one or a combination of work and/or military experience, or specialized training.
- Familiarity with Identity and Access Management (IAM) solutions.
- Strong foundational knowledge of incident response lifecycles (NIST or SANS) with experience designing, testing, and maintaining automation playbooks using SOAR platforms to automate triage and response actions.
- Strong ability to write complex, optimized SPL (Splunk Search Language) searches, including macros, data models, and lookups for efficient threat hunting and investigation.
- In-depth experience with risk-based alerting, managing notable events, asset/identity correlation, and defining/tuning correlation searches.
- Experience in developing, testing, and maintaining automation playbooks using Python/API integrations and Splunk SOAR (Security Orchestration, Automation, and Response) to automate triage and response actions.
- Expert in conflict resolution and negotiation to ensure that design, strategy, and decisions consistently support security requirements.
Tech Stack
- Cyber Security
- Firewalls
- Python
- Splunk
Benefits
- health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
- matched 401(k) savings plan
- up to 8 company paid holidays per year
- up to 6 personal days per year
- paid parental leave
- adoption assistance
- tuition assistance
- premium pay such as overtime, shift differential, holiday pay, allowances
- up to 15 days of vacation per year.