Sr Security Tools Engineer

Job Description

The Job
The Senior Security Tools Engineer leads the administration and engineering of the tools which manage the security posture of WarnerMedia and designs solutions that integrates WMCSO security tools to improve collaboration within the CSO. The position also assists in implementing and maintaining corporate security standards, technologies, and processes/procedures. The engineer administers, monitors and maintains security infrastructure. This includes but is not limited to application and container security tools, security orchestration solutions, security information and event monitoring (SIEM), system logging and analysis, and vulnerability assessment programs. As a senior member of the team, the role requires the ability to lead junior team members through the strategy directed by senior management. In addition to technical skills, the senior security tools engineer is process-oriented and results-oriented and demonstrates effective problem-solving and communication skills. The senior security tools engineer often serves as a subject matter expert for colleagues and line-of-business managers, and experience with multiple technologies, compliance requirements and risk analysis methodologies is crucial.

The Daily
• Oversee and guide the implementation of products and services required to maintain WarnerMedia's security posture.
• Engineer and administer security tools including anti-malware systems, SIEM systems, endpoint protection, email security, endpoint detection and response, and IDAM systems.
• Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
• Troubleshooting of security solutions.
• Develop solutions that leverage API's to collect and manipulate data from various systems.
• Administration of system infrastructure that are hosted within a public/private/hybrid cloud infrastructure.
• Remain current with new security threats and assessing systems to ensure they are appropriately configured to defend the business.
• Serve as a point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management.
• Lead the creation and maintenance of security documentation and configuration practices.
• Attend and engage in all change and project management meetings.
• Administer best practices and required configuration standards for compliance and privacy obligations.

The Essentials
• At least 5-7+ years' experience in cybersecurity, including compliance and risk management with a security engineering background.
• Experience with Linux system administration.
• Highly technical and analytical expertise, with a proven deep background in technology design, implementation and delivery.
• Experience with Splunk
• Extensive knowledge of traditional security controls and technologies, such as SIEM systems and public key infrastructure (PKI), in addition to newer offerings such security automation and orchestration, and application controls.
• Experience with Amazon Web Services (AWS) or Microsoft Azure.
• Experience driving measurable improvement in monitoring and response capabilities at scale.
• Experience with one or more of the following: ISO 27001, NIST, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley Act (SOX) the General Data Protection Regulation (GDPR), or Center for Internet Security (CIS) standards.
• Experience administering SIEM systems, security automation and orchestration solutions, and other system monitoring tools.
• Familiarity with configuration management tools, such as Ansible or Chef.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• Familiarity with infrastructure as code tools, such as Terraform or CloudFormation.
• Experience with scripting languages such as BASH, Shell, and Python.
• Experience with Security Orchestration, Automation and Response (SOAR), Container Security, Threat Intelligence, or Vulnerability Management tools.
• Extensive knowledge of Windows, Linux and Unix.

The Perks
• Paid time off every year to volunteer
• Access to well-being tools, resources, and freebies
• 2018 Best Company for Working Mothers
• 2018 Best Company for Dads
• An in-house learning and development team to help shape and grow your career
• Part of the WarnerMedia family of powerhouse brands

Jobcode: Reference SBJ-d2354y-18-224-0-25-42 in your application.