Sr Detection & Automation Engineer jobs in United States

Northwestern Mutual · 1 week ago

Sr Detection & Automation Engineer

Northwestern Mutual is seeking a Senior Detection & Automation Engineer to join their Enterprise Cybersecurity team. The role involves developing and maintaining security automation playbooks, managing security tools, and leading blue team exercises to protect the organization from cyber threats.

Advice, Consulting, Employee Benefits, Finance, Financial Services, Insurance, Life Insurance, Wealth Management

H1B Sponsor Likely

Responsibilities

Leadership: The Senior Detection & Automation Engineer is a leader within the Enterprise Cybersecurity team and is expected to guide and mentor more junior members. This includes overseeing the work performed by junior engineers, mentoring their technical education, freely sharing knowledge, and testing techniques
Security Detection Engineering: Prioritizes and builds detection rules for the SIEM platform to identify malicious activities based on knowledge of the inner workings of cyber-attacks. Develops, maintains, and ensures the proper documentation of detection logic, rules, and alerts. Enhances and improves data quality from external sources in the SIEM by understanding the current best state of detection engineering and integration practices
Blue Team: Accountable for assisting in the design and implementation of blue team exercises including independently leading components of the exercise
Security Research: Accountable for regularly monitoring the security community for, and researching, the latest assessment and exploit methodologies. This work concludes with sharing the information back to the team in the form of newly written tools and/or attack techniques via informal internal training sessions
Reporting: Accountable for preparing and delivering the highest quality security information that comprehensively and clearly explains risk, demonstrates findings, and offers tactical and strategic recommendations to both technical and non-technical internal clients
Communication: Effective and professional communication of a variety of topics, including technical and non-technical information, to a wide variety of internal and external customers including leadership from across the organization
Ad Hoc Incidents: Accountable for working with the security operations center, incident responders, and technology infrastructure and development teams as necessary
Metrics: Accountable for working with select team members to track, monitor, and report testing results in a meaningful way so that risk-based security metrics are delivered to the enterprise
Training: Attend training to stay current with technology and security trends. Incorporates learnings from training to improve organizational technology and processes
Perform other duties as assigned

Qualification

Splunk, SIEM Systems, Incident Response Experience, Detection Engineering, Python, System Administration Experience, GitLab, Data Quality Enhancement, Blue Team Exercises, Security Research, Metrics Tracking, Communication Skills, Continuous Learning

Required

Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field
Proficiency in using Splunk or other SIEM platforms
Strong understanding of logs and log formats
Experience in incident response
Experience as a system administrator
Proficiency with GitLab for version control and CI/CD pipeline management
Strong programming skills in Python for scripting and automation tasks
Ability to build and prioritize detection rules in SIEM platforms
Ability to enhance and improve data quality from external sources in the SIEM
Effective and professional communication skills
Ability to regularly monitor the security community for the latest assessment and exploit methodologies
Experience in designing and implementing blue team exercises
Ability to prepare and deliver high-quality security information
Ability to track, monitor, and report testing results meaningfully
Commitment to attending training to stay current with technology and security trends

Preferred

Experience teaching security concepts (web, mobile, or infrastructure/network)
Formal software development experience with one or more programming languages such as Python, JavaScript, Java, Ruby, Go, PowerShell, Bash, C#, C/C++, etc
Experience automating Amazon Web Services (AWS) and/or Microsoft Azure platform infrastructure
Proven people leadership skills including the ability to manage small teams and small projects
Ability to be a leader in the security industry, demonstrated by participating in, organizing, and/or contributing to conferences by giving talks

Company

Northwestern Mutual

Northwestern Mutual delivers financial security to millions with life, disability income and long-term care insurance, and investments.

H1B Sponsorship

Northwestern Mutual has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Charts: distribution of different job fields receiving sponsorship (highlighting job fields similar to this job); trends of total sponsorships: 2020 (1)]

Funding

Current Stage: Late Stage

Leadership Team

Timothy Gerend
Chairman, President and CEO
Phil Odella
COO/CFO
Company data provided by crunchbase