McKesson - Irving, TX

posted 15 days ago

Full-time - Mid Level
Remote - Irving, TX
1-10 employees
Merchant Wholesalers, Nondurable Goods

About the position

The Senior Security Analytics & Automation Engineer at McKesson will play a crucial role in the global Cybersecurity team, focusing on delivering actionable insights through security analytics platforms. This position requires expertise in Security Analytics, particularly in the architecture, operation, and support of SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) technologies. The role emphasizes the importance of security in healthcare, contributing to the overall mission of making quality care more accessible and affordable.

Responsibilities

  • Design, implement, and support SIEM and SOAR solutions in a highly available, redundant, distributed computing environment.
  • Perform SIEM component configuration and troubleshooting across various platforms, both on-premises and in public clouds.
  • Integrate data sources into SIEM from on-premises and cloud-deployed devices and applications.
  • Develop SIEM content and support other content developers using expert knowledge.
  • Monitor internal data sources to identify and resolve potential performance issues.
  • Automate frequently used processes and workflows with SOAR-related technologies.
  • Maintain technical documentation and design documents related to system configurations, processes, and operational procedures.

Requirements

  • 3-5 years of professional work experience in a technical position.
  • BS/BA degree or equivalent experience.
  • 1-3 years of IT experience in a technical position as an engineer, architect, or system administrator within a large-scale mission-critical enterprise environment.
  • 2+ years of direct hands-on experience in administration or support of SIEM solutions.
  • Experience deploying, configuring, and maintaining a SIEM at scale.
  • Experience writing complex queries for dashboards, reports, and apps.
  • Experience automating repetitive and error-prone operations with scripting languages.
  • Working knowledge of enterprise architecture, infrastructure components, and design.
  • Experience working in an Agile environment using Scrum or Kanban methods.
  • Team-oriented with great communication and interpersonal skills.
  • Ability to work on all aspects of large-scale projects including planning, prioritizing, executing, delivering, and sustaining.

Nice-to-haves

  • Experience creating security detections for Splunk Enterprise Security or other correlation engines.
  • Proficiency with Linux platforms, including shell scripting (Red Hat preferred).
  • Experience with cloud platforms such as Microsoft Azure and GCP.
  • Experience with additional logging/data broker ETL technologies such as Kafka or Cribl.
  • Certified Splunk Power User or Administrator, CISSP certification preferred.
  • Working knowledge of machine learning and UEBA concepts.

Benefits

  • Competitive compensation package including base pay and potential bonuses.
  • Annual bonus or long-term incentive opportunities.