Job Number: R50012676
Brand: Fox Corporation
Job Type: Engineering, Product Management / User Experience / Content, Security, Technology
Location: Los Angeles, California; Home Office, California
Job Posting Date: October 16, 2020
Are you ready to join a more agile company ready to rapidly innovate and build new products? Fox is building an innovative security operations platform and is looking for a Security Automation Engineer to elevate our SOC workflows, tooling, detections, and mitigation techniques. We believe automation is king and our goal is to automate security operations everywhere we can.
A core focus for this role will be on driving the automation and codification of resources to modernize the security infrastructure. We are interested in someone who is willing to challenge the status quo. How can we apply threat modeling to daily security operations? How can we automate security remediations? What open source technology is available that can be applied as part of our toolset? How can we drive a “zero-trust” methodology throughout the business? Have an opinion on DevSecOps? Bring it to the table!
This position can be based in Los Angeles or remotely.
A SNAPSHOT OF YOUR RESPONSIBILITIES
Develop our custom Security Orchestration, Automation and Response (SOAR) framework to automate the SOC workflow of the SecOps team, which includes alert triaging, ticketing, reporting, paging and mitigation
Develop automation tools for incident response, which includes automated containment and mitigation of threats; enhancing our detection and investigation capabilities with threat correlations and intelligence; and integrating situational awareness of system intrusions
Apply knowledge of monitoring, analyzing, detecting, and responding to Cyber events to develop clever, efficient methods and technology to triage all the various incident types and to weaponize our threat hunting capabilities
Work closely with operations teams to develop and integrate custom playbooks, use cases and workflows that will be adopted across the SecOps team and the entire organization
Aid in the investigation and triaging of major incidents
Work with other developers on the InfoSec team on a variety of security automation projects (e.g. code analysis, vulnerability triaging, etc.)
Contribute to the deployment of deception technology (e.g. honeypots, honey hashes) across both enterprise and cloud environments
Evaluate cutting edge security technologies, create proof-of-concepts and drive them towards adoption
Develop schemes and technology to secure and monitor new technologies as we adopt them
Create resources, documentation, and training materials to help both the security operations and development engineering teams
Provide mentorship and guidance to internal teams
WHAT YOU WILL NEED
2+ years of hands-on software development experience and/or 2+ years developing custom SOAR platforms and security automation
2+ years of experience working with Incident Response or Security Operations Center (SOC) teams triaging for IT enterprise (email, endpoint security, firewalls, network security, IPS/IDS, etc.) and cloud environments
Proficiency developing in an AWS cloud environment (e.g. ECS, Lambda, Step Functions, RDS, etc.)
Solid grasp of cloud security concepts and best practices
Strong ability to learn and research new things, including tools, languages, frameworks, etc.
Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to a high-level audience and training
A collaborative mindset that thrives in fast-paced environments
Nice to Have
BS or MS in Computer Science, Engineering or Information Systems Management with a Security concentration; or 4+ years of experience in development or Cyber work
Previous experience with cybersecurity: SIEM, IPS/IDS, HIDS/NIDS, Networking, WAFs, Edge/endpoint security, DNS security, Cryptography, layered security, defense in depth practices
AWS Certifications (e.g. AWS Certified Developer Associate, AWS SysOps Administrator, AWS Certified Solutions Architect, AWS Certified Security Specialty, AWS Advanced Networking Specialty)
Security certifications (CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified Incident Handler (ECIH) Certification)
Familiarity with DevOps practices, including CI/CD pipelines and tools (e.g. Jenkins)
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, disability, protected veteran status, or any other characteristic protected by law. We will consider for employment qualified applicants with criminal histories consistent with applicable law.