Security Tools Engineer
This role is focused on the development, integration, and implementation of security tools with an emphasis on scripting and general software development to automate processes through workflows, expanding capabilities, integrate like systems using API/service interfaces, and driving the overall evolution of existing tools and systems. This role will be responsible for development in multiple platforms (e.g. Splunk, ServiceNow, Qlikview) using a variety of languages and skills. An individual in this role must be able to work across multiple IT functions and exhibit the desire and flexibility to come up with creative solutions in order to achieve greater efficiencies and visibility. Additionally, this role will require basic project management understanding and capability to drive initiatives and provide greater agility within the Information Security and Risk Management (ISRM) function.
Key Responsibilities Includes:
- Maintain current tools and provide continuous improvement in support of multiple functions within the ISRM organization.
- Provide gap analysis and recommendations to further integrate ISRM solutions and operational processes.
- Leverage programming skills to develop tools for the automation of security, compliance, and risk management processes using a combination of proprietary and open source development languages.
- Participate in internal projects and initiatives, researching and recommending appropriate solutions
- Collaborate with IT and business engineering teams to support, maintain, and design backend applications and other operational platforms.
- Facilitate project management to drive critical ISRM projects, while identifying risks, opportunities, and solutions to overcome limitations.
- Bachelor's Degree in Computer Science, Information Systems or equivalent discipline.
- Proficiency with scripting and / or programming (e.g. .Net, VBScript, PowerShell, Python, Perl)
- Strong understanding of API/service integration, data structures, and object oriented programming
- In-depth knowledge of Windows and Linux/Unix, including applicable security principals
- A Strong understanding of networking and relevant protocols including TCP/IP, HTTP, SMTP, and DNS
- Experience with firewalls, VPN's, IDS, or other commercial network security solutions
- Experience with logging and monitoring tools such as Splunk
- Experience with threat vulnerability assessment tools such as Qualys
- 2 years or more experience in information security or network / system administration
- 2 years or more of and scripting / programming experience
Equal Opportunity Employer Minorities/Women/Veterans/Disabled