Security Incident Automation Engineer at Aventurine Technologies Inc

This is a remote position.

stronger background in automation/Splunk and IR/EDR

Must have’s:

• 5 years of exp
  
• Heavy experience with EDR and tools
  
• AWS
  

Nice to have’s:

• Splunk
  
• Python, PowerShell Scripting
  

Space:   A Backfill.

Interview process: L1 - with Bruce, L2 - with Sr Director, team and Jamie

JD:
● Minimum 2 years of experience in the Information Security field or a relevant undergraduate or Master’s degree focused on Information Security/Information Assurance.
● Good “hands-on” technical understanding of network fundamentals and common Internet protocols.
● Technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
● Has worked directly as a security incident automation analyst and has performed successfully in all aspects of incident response process.
● Must have a demonstrated capability to write scripts and code in Python and PowerShell. Ability to write in Java would be a plus.
● Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
• Demonstrated ability to use SEIM or logging tools and the ability to create complex queries, alerts and dashboards.
Desired Skills:
● Solid knowledge of various cloud environments (AWS, Azure, etc.) and its respective API’s.
● Operational experience monitoring devices such as network and host-based intrusion detection systems, web application firewalls, NextGen firewalls, antivirus systems, proxy servers, file integrity monitoring tools, and operating system logs.
● Distinctive investigative, problem solving and analytical skills
● Knowledge of EDR and Network security tools
● Technical security certifications like Security+, Ethical Hacking or SANS/GIAC a plus.