Cyber Security Developer in Parsippany, NJ at Securitas Security Services USA

Date Posted: 4/8/2020

Job Description

Job Code: 92341246250

Category: IT

JOB SUMMARY:

Securitas is looking for a Cyber Security Engineer to join the new Global Computer Emergency Response Team (CERT) in order to organize Security Operations at a global scale. This position will be a hands-on, development-centric role that creates the glue bridging security operations and incident response by enriching data, integrating threat analysis feeds, integrating sensor feeds, and correlating vast amounts of security and log data. You will report directly to the Director of CERT and, by extension, into the Global CSO.

ESSENTIAL FUNCTIONS

This globally operating function is focused on the following activities:

  • Designing the back-end, middleware, and front-end security systems for the Global CERT;
  • Vulnerability Management across tools, processes and organization;
  • Security Monitoring of the IT Environment both on-premise as well as in the cloud;
  • Security Incident Management to handle security incidents across the Securitas Group;
  • Cyber Threat Intelligence to acquire the knowledge about IOCs, TTPs and threat landscape evolutions that is needed to maintain a world-class Cyber Defence practice;
  • Planning, design, creation, and execution of key technologies such as SIEM, Log Management and the global Security Data Lake.

Job Requirements

Relevant domain competences and experience we seek:

Development Experience:

  • Excellent proficiency in one or more of the following programming languages: Python, Java, Go, C#
  • Excellent proficiency in data manipulation, parsing, data structures, and regex
  • Comfortable using Git for code management
  • Strong knowledge of CI/CD practices in order to create standard, repeatable, and tested platforms

Security Monitoring:

  • Excellent working knowledge of SIEM & Log Management tools such as Elastic, Graylog, ArcSight, QRadar, etc.
  • Strong knowledge of key log types commonly seen in corporate environments (Windows event logs, Sysmon, Syslog, proxy logs, DNS logs…);
  • Able to analyze complex logs of different sources including endpoints, cloud applications, network devices and even raw network traffic;
  • Able to triage, correlate, and parse complex data streams and alerts
  • Able to fine tune existing rules / use cases to optimize automated detection capability;
  • Basic understanding of enterprise class security monitoring architectures;

Cyber Threat Intelligence:

  • Fundamentally understand how attackers operate (e.g. able to explain how a typical attack chain works);
  • Able to hunt environments to identify suspicious / malicious behavior that was missed by automated alerts / signature-based detection;

Incident Response:

  • A robust understanding of security incident response stages and requirements;
  • Ability to operate under pressure and uncertainty;
  • Experience of and ability to drive global escalations within complex organizations with multiple suppliers;
  • Ability to create remediation toolsets or scripts utilizing PowerShell as needed

MINIMUM QUALIFICATIONS AT ENTRY

4+ years of robust SecOps development capabilities and experience in programming in Java, Python, Go or C#

EDUCATION/EXPERIENCE:

BS in Information Technology field and 4+ years of successful and progressively responsible Cyber Security Engineering experience, or an equivalent combination of education and experience sufficient to perform the essential functions of the job, as determined by the company.

COMPETENCIES: (as demonstrated through experience, training, and/or testing):

  • Pro-active/Drives Results
  • Excellent verbal, written and executive presentation skills
  • Comfortable giving expert advice to various levels in the organization and actively seeking input from expert peers

EOE/AA/M/F/D/V