Security Engineer II: Detection Engineer
H-E-B
- San Antonio, TX
- Permanent
- Full-time
- Analyzes and investigates security alerts and helps tune and improve notables.
- Integrates SIEM with upstream data sources by automating data ingestion.
- Manages large data sets including creating and organizing indexes.
- Completes projects and tasks associated with security monitoring, detection, incident response, and security program initiatives.
- Develops and documents standard operating procedures and best practices.
- As part of the Cyber Fusion Center (Threat Management & Security Engineering), this position coordinates with other CFC DSOC team members and with Digital Foundational Tech (infrastructure) teams to create system connections that collect logs and to implement data correlations and lookup tables.
- Develop and implement customized alerting and reporting based on DSOC analysts’ requests.
- Perform or lead orchestration and automation activities (SOAR) to integrate security tools that support DSOC processes.
- Support log aggregation and log retention activities, developing custom solutions when necessary.
- Support analytics, tuning, and maintenance of endpoint and network security sensors.
- Work closely with other DSOC team members, threat intelligence analysts or providers, and other Digital Security teams to improve security platforms and tools for consumers of security operations and investigations.
- Minimum of two (2+) years of experience administering networked environments and developing and supporting SIEM platforms in medium to large enterprises.
- Understanding of security issues and technologies for desktop, virtual, cloud services, and network infrastructures.
- Must have in-depth knowledge of operating systems and IT infrastructure, while possessing a detailed technical understanding of log collection, security technologies, firewall rules, computer privileges, and databases. Basic operating system administration, knowledge of common network protocols, and overall familiarity with scripting are necessary skills to improve automation and efficiency.
- Experience in IT systems and security policies, standards, industry trends, and techniques.
- Experience working with hybrid cloud infrastructure.
- Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
- Working knowledge of Python, Golang, JavaScript, PowerShell, Perl, or *nix Shell scripting (multiple).
- Experience with published standards, guidance, and frameworks related to information security architecture, information security controls, and practical implementation techniques in an enterprise.
- Fundamental understanding of data and secrets security, system administration, vulnerability management, secrets management and vaulting, and platform/OS security.
- Demonstrated high level of communication skills, both verbal and written, with a collaborative mindset.
- Demonstrate a logical and structured approach to time management and task prioritization.
- Familiarity with Agile and other project management methodologies.
- Ability to work well under pressure, with strong organizational and interpersonal skills.
- A Bachelor’s degree in Computer Science or Software Engineering.
- One or more professional security certifications such as Certified Splunk Administrator, CISSP, OSCP, OSCE, GCIH, CASP, AWS Security, or equivalent.
- Three (3) or more years’ experience in Information Security, IT Risk Management, or IT Compliance.
- Familiarity with PCI DSS, HIPAA, and other industry regulations.
- Experience working with Splunk Enterprise Security.
- A robust benefits plan with coverage starting Day One.
- Dental, vision, life, and other insurance plans; flexible spending accounts; short-term / long-term disability coverage.
- Partner Care Team, for any time you have healthcare or coverage questions.
- Telehealth offers 24/7 access to board-certified doctors by phone.
- Partner Guidance allows free counselor visits.
- Funeral leave, jury duty, and military pay (subject to applicable law).
- Maternal / paternal leave for new parents, including adoptions.
- 10% off H-E-B brand products in-store and online.
- Eligibility to participate in 401(k).