Information Security Engineer, Senior

Your Role

The Information Security team partners with IT and business teams to provide support and guidance to build products with sustained security and compliance through industry best practices. The Security Automation Engineer, Senior will report to the Senior Manager of Security Engineering. In this role, you will be focusing on providing automation and engineering. You will be assisting with designing, implementing, and maintaining security automation technologies using BSC automation methodologies. You will contribute to system enhancements, process improvement, and creative solutions to solve complex problems and improve the effectiveness of our security automation technologies.

Your Work

In this role, you will:

• Contribute to the design, deployment, and ongoing maintenance of current and desired security automation Use Cases.
• Assist in identifying areas for new automation Use Cases and implement security tool integration.
• Support the design and development of automation capabilities to reduce or eliminate manual tasks related to both application infrastructure delivery and the operations of the resulting solution.
• Help develop and maintain written procedures, engineering drawings, and other technical documentation for accuracy of automation Use Cases and knowledge across the team.
• Work with cross-functional teams to influence the priority of automation Use Cases security features and controls, with minimal authority or supervision.
• Advocate the adoption of new security automation Use Case procedures and solutions to support emerging enterprise business and customer needs.
• Troubleshoot automation Use Case issues across the entire automation landscape solutioning, testing, lifecycle, migration, production deployment and maintenance, upgrades/patches, processes, procedures, and policies.
• Engage with the business to provide subject matter expertise and consultancy for security automation services.
• Provide support, advice, and advocacy to Security teams on automation solutions (automation Use Cases); resolving issues and finding options to meet new business requirements.
• Contribute to the achievement of strategic and operational goals established by Information Security & Risk Management leadership.
• Establish metrics and implement reporting to track coverage and effectiveness of working security Use Cases.
• Provide security automation guidance, coaching, and training to other employees across the company to support the enterprise initiatives on automation development.
• Other duties as assigned.

Your Knowledge and Experience

• Requires a bachelor's degree or equivalent experience
• Requires at least 5 years of prior relevant experience
• Strongly prefer knowledge of Microsoft Windows, Red Hat Linux (RHEL), Azure
• Working knowledge of TCP/IP, HTTP, SSL, DNS, LDAP, Active Directory and one or more of: XML, IIS, Web Services/SOAP/REST, authentication protocols, SSH, SFTP, familiarity with CI/CD tools such as Jenkins, Bitbucket, Bitbucket Pipelines, Ansible, Git, Jira and Confluence
• Expertise in orchestration tools such as ServiceNow and Digital.ai, scripting language such as Python, Powershell and YAML, and familiarity with configuration management tools such as Ansible, SCCM
• Familiarity with Kubernetes and OpenShift, 1+ years of experience in implementing Cloud based DevOps practices and Infrastructure as Code, and 1+ years of experience in rolling out container-based solutions (Docker, Kubernetes) PLUS