ITS Sensor Management Engineer
Kimberly-Clark
Buenos Aires, Argentina
2 days ago

Job Description

The Cybersecurity Sensor Management Engineer will work closely with the Security Operations Center, Incident Response and Engineering & Delivery to assess the configuration of all security tools and drive towards continuous improvement of their configurations based on the current risk profile, threat landscape, and incoming threat intelligence.

This position offers a unique blend of Threat Hunter, Cybersecurity Analyst, and Cybersecurity Engineer.

The Senior Security Engineer provides subject matter expertise on information systems security and on the purpose, planning, implementation and maintenance of security defenses that provide the best protection and value for the organization.

Creates security architecture and implementation artifacts that fully integrate with business and information technology initiatives and objectives.

An engineer is responsible for developing, articulating, and implementing knowledge in a holistic manner, across multiple mission-critical categories and domains of Cyber Security.

Examples of engineering solution expertise include, but are not limited to:

Web filtering technology

Network intrusion defense technology

Endpoint monitoring technology

Data leak protection technology

Intrusion prevention technology

Firewall technology

Security information and event management technology

Network taps, traffic aggregators and filters technology

Identity management tools, AD, LDAP, web front end and virtualization technology

Cloud architecture, configuration and deployment technology

S/he must have cross-domain expertise in at least three of the core categories listed above. The skillset and ability to collaborate with domain experts to ensure cohesive, end-to-end security program maturity is paramount.

ESSENTIAL FUNCTIONS:

Responsible for evaluating telemetry from the SIEM and the individual consoles of various security products to ensure that:

All appropriate threats are being surfaced in the SIEM

All sensors are tuned to send appropriate telemetry

Unnecessary telemetry is eliminated without the loss of context at the SIEM

Implements appropriate changes in security tools in order to reduce attack surface, streamline operations, optimize performance, and achieve new business requirements.

Influences and informs security architecture to ensure future roadmap and architectural decisions are made with appropriate context.

Manages expectations of stakeholders, including business and ITS executive program sponsors.

Assesses the implications of changes to existing processes / systems (cultural, technological, organizational and environmental) and identifies the activities necessary to ensure a smooth transition and user acceptance of the changes implemented.

Ensures that an effective change control process is in place, actively used and updated to ensure documentation of systems changes and rollback procedures.

Makes recommendations to update the change control process as necessary to provide appropriate documentation while increasing agility and minimizing overhead.

Drives continuous improvement in day-to-day security risk mitigation project management and security operations processes.

Debriefs regularly with Incident Response to integrate all learnings from previous incidents into the sensor management backlog.

DEPARTMENT SPECIFIC / NON-ESSENTIAL FUNCTIONS:

1. N/A

MINIMUM REQUIREMENTS:

Experience:

10+ years information technology experience

5-10 years of IT security experience in multiple domains with API, WAF, IAM, NAC, FW, Cloud, DLP, SSO, PKI, Gateway, etc.

Experience with data security technologies including Information Labelling, Rights Management and File Encryption

Verbal and written fluency in English is mandatory

Ability to work in a virtual team which may work across distance (remote), cultures and time zones, in a matrix with multiple reporting lines, and may extend outside the K-C organization including suppliers, partners and customers.

Preferred Experience:

Specific experience with Palo Alto Firewalls (Specifically Palo Alto Threat Profiles)

Specific experience with Splunk and Splunk Enterprise Security

Specific experience with McAfee Endpoint Protection, TIE, DXL and DLP

Specific experience with Zscaler

Specific experience with Rapid7 Nexpose

ORGANIZATIONAL RELATIONSHIPS / SCOPE:

Role will report to the department leader in the ITS Infrastructure, Application (ITAS) or PMO organization and will have no formal direct reports.

Key Interfaces:

Director of CyberSecurity

Chief Information Security Officer

IT Strategic Leadership Team (L4s)

Global IT leadership

Regional and Functional Subject Matter Experts

External Interfaces:

Consultants

3rd Party software providers

Cloud solution providers

WORKING CONDITIONS: Travel may include approximately 10-30% of work time. Travel may include travel via aircraft and motor vehicles to various locations, if applicable.

DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification.

They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position.
