Sr Detection & Automation Engineer

Are you ready to make a difference in the world of cybersecurity? If you have a passion for protecting organizations from cyber threats and a knack for leading teams, we want you on our Enterprise Cybersecurity team! As a Senior Detection & Automation Engineer, you will play a pivotal role in developing and maintaining security automation playbooks, managing security tools, and leading blue team exercises.

Let’s dive into what this exciting role entails!

• Leadership: Guide and mentor junior engineers, oversee their work, and share your knowledge freely.
• Security Detection Engineering: Build and prioritize detection rules for our SIEM platform to identify malicious activities, ensuring top-notch documentation and data quality.
• Blue Team Exercises: Design and implement blue team exercises, taking the lead on various components.
• Security Research: Stay ahead of the curve by monitoring the security community and sharing insights through internal training sessions.
• Reporting: Prepare and deliver high-quality security information that clearly explains risks and offers actionable recommendations.
• Communication: Effectively convey technical and non-technical information to a diverse audience, including organizational leadership.
• Ad Hoc Incidents: Collaborate with the security operations center and incident responders as needed.
• Metrics: Track and report testing results to deliver meaningful risk-based security metrics.
• Continuous Learning: Attend training to stay current with technology and security trends, applying your learnings to improve processes.
• Other Duties: Perform additional tasks as assigned.

• Educational Background: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field; a master’s degree is a plus.
• SIEM Proficiency: Experience with Splunk or other SIEM platforms, including rule creation and optimization.
• Log Understanding: Strong grasp of logs and log formats, with the ability to filter and normalize data for cybersecurity alerts.
• Incident Response Experience: Preferred experience in quickly identifying and responding to security incidents.
• System Administration: Familiarity with operating systems, network configurations, and security controls.
• Git Lab Skills: Proficiency in Git Lab for version control and CI/CD pipeline management.
• Python Programming: Strong skills in Python for scripting and automation tasks.
• Detection Engineering: Ability to build and prioritize detection rules in SIEM platforms.
• Communication Skills: Excellent communication skills for conveying information to various stakeholders.
• Continuous Learning: Commitment to staying updated with the latest security trends and technologies.

• Experience teaching security concepts.
• Formal software development experience in languages like Python, JavaScript, or others.
• Experience automating AWS and/or Microsoft Azure infrastructure.
• Proven leadership skills in managing small teams and projects.
• Active participation in the security industry through conferences and talks.

Compensation Range:

Pay Range - Start: $

Pay Range - End: $

We believe in fairness and transparency. Final salaries are based on various factors, including skills, experience, and location.

Grow your career with a best-in-class company! At Northwestern Mutual, we put our clients' interests at the center of everything we do. Enjoy first-class perks, benefits, and a culture of belonging.

• Concierge service
• Employee resource groups

Northwestern Mutual is an equal opportunity employer that welcomes and encourages diversity in the workforce. We are committed to creating an environment where every employee can contribute creatively and achieve their personal and professional goals.

Join us and be part of a team that values innovation, collaboration, and growth. Your future starts here!