Security Incident Automation Engineer at Aventurine Technologies Inc
San Jose, CA 94538
About the Job
This is a remote position.
Stronger background in automation/Splunk and IR/EDR.
Must-haves:
- 5 years of experience
- Heavy experience with EDR and tools
- AWS
Nice-to-haves:
- Splunk
- Python, PowerShell Scripting
Space: A Backfill.
Interview process: L1 - with Bruce, L2 - with Sr Director, team and Jamie
JD:
● Minimum 2 years of experience in the Information Security field or a relevant undergraduate or Master’s degree focused on Information Security/Information Assurance.
● Good “hands-on” technical understanding of network fundamentals and common Internet protocols.
● Technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
● Has worked directly as a security incident automation analyst and has performed successfully in all aspects of the incident response process.
● Must have a demonstrated capability to write scripts and code in Python and PowerShell. Ability to write in Java would be a plus.
● Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
● Demonstrated ability to use SIEM or logging tools and the ability to create complex queries, alerts and dashboards.
Desired Skills:
● Solid knowledge of various cloud environments (AWS, Azure, etc.) and their respective APIs.
● Operational experience monitoring devices such as network and host-based intrusion detection systems, web application firewalls, NextGen firewalls, antivirus systems, proxy servers, file integrity monitoring tools, and operating system logs.
● Distinctive investigative, problem-solving and analytical skills.
● Knowledge of EDR and network security tools.
● Technical security certifications like Security+, Ethical Hacking or SANS/GIAC a plus.