Security Tools Engineer
1050 Techwood Drive NW Atlanta, GA 30318
The Senior Security Tools Engineer leads the configuration of the tools which manage the security posture of the company. The position also assists in implementing and maintaining corporate security standards, technologies, and processes/procedures. The engineer administers, monitors and maintains security infrastructure. This includes but is not limited to endpoint security solutions, security information and event monitoring (SIEM), system logging and analysis, and vulnerability assessment programs.
- Oversee and guide the implementation of products and services required to maintain security posture
- Administer and maintain security tools including anti-malware systems, SIEM systems, endpoint protection, email security, endpoint detection and response, and IDAM systems
- Administer system infrastructure that is hosted within a public/private/hybrid cloud infrastructure
- Troubleshooting of security solutions
- Leverage APIs to collect and manipulate data from various systems
- Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
- Remain current with new security threats and assess systems to ensure they are appropriately configured to defend the business
- Serve as a point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management.
- Lead the creation and maintenance of security documentation and configuration practices.
- Attend and engage in all change and project management meetings.
- Administer best practices and required configuration standards for compliance and privacy obligations.
- At least 5-7+ years’ experience in cybersecurity, including compliance and risk management with a system and network security engineering background.
- Experience with Linux system administration
- Highly technical and analytical expertise, with a proven deep background in technology design, implementation and delivery.
- Experience with Splunk
- Extensive knowledge of traditional security controls and technologies, such as SIEM systems, IDS/ IPS, public key infrastructure (PKI), IDAM systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), security automation and orchestration, and application controls.
- Experience with Amazon Web Services (AWS) or Microsoft Azure.
- Experience driving measurable improvement in monitoring and response capabilities at scale.
- Experience with one or more of the following: ISO 27001, NIST, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley Act (SOX), the General Data Protection Regulation (GDPR), or Center for Internet Security (CIS) standards
- Experience administering anti-malware solutions, SIEM systems, security automation and orchestration solutions, IDS/IPS, endpoint detection and response, and other system monitoring tools.
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
- Experience with scripting languages such as BASH, Shell, and Python
- Working knowledge of Windows, Linux and Unix.
- Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent.