What you’ll do
- Configure and implement facilities for the ingestion and monitoring of information security logs including logs related to AWS API usage, server and container-based audit logging, database access logs, and application security logging.
- Develop and deploy AWS-based infrastructure using Terraform configurations and standard source code management tooling.
- Perform incident response as part of the greater Security team. Incorporate lessons learned from incident investigations into monitoring and alerting capabilities.
- Work closely with teammates to effectively test, tune, and deploy security technologies that are scalable and enhance detection and response.
- Develop effective and efficient internal security procedures and documentation (i.e., runbooks) used for day-to-day security operations.
- Research and understand emerging information security threats, vulnerabilities, and their countermeasures.
What we look for
- Experience configuring and monitoring SIEM software and log collection facilities. Extra points for Elastic SIEM experience!
- Experience developing, configuring, and securing AWS cloud services.
- Software development experience, using Python.
- Hands-on experience running container-based infrastructure.
- Experience developing and deploying cloud services using Terraform.
- Database experience including administration and monitoring preferred.
- Basic understanding of developer best practices using source code version control (e.g. GitHub) encouraged.
- Foundational knowledge of and passion for Cyber Security concepts.
- BS degree in a related field or equivalent experience. MS degree in a related field or equivalent experience is a plus.