Lead Security Engineer/Manager

$128,000 - $213,500/Yr

Cox Automotive - Atlanta, GA

posted 5 days ago

Full-time - Mid Level
Atlanta, GA
Wholesale Trade Agents and Brokers

About the position

The Lead Security Engineer/Manager at Cox Automotive is responsible for the global management and operations of WAF/DDoS tooling across the enterprise, focusing on customer threat detection. This role requires expertise in WAF and application security, developing new security detection use cases to prevent fraud and abuse within Cox Automotive products. It is an individual contributor position that involves collaboration with various teams to enhance cybersecurity capabilities and manage security monitoring products.

Responsibilities

  • Manage and provide expert guidance on configuring WAF and Bot Management technologies across a large enterprise environment.
  • Collaborate with engineering teams to provide operational support for WAF, Bot Management, and DDoS protection.
  • Lead attack simulation tests to validate detection use cases for on-prem and cloud systems.
  • Develop customer threat detection and automated threat remediation use cases utilizing SIEM and other technologies.
  • Advance security tooling in-house to detect and respond to custom use cases.
  • Collaborate with IR/Threat Intelligence and Threat detection teams to improve cybersecurity capabilities.
  • Manage and improve security monitoring products for WAF, SIEM, DDoS protection, and other security technologies.
  • Leverage Threat Intelligence and perform threat hunting activities to identify compromised accounts and systems.
  • Propose and review security plans and policies to enhance the organization's security posture.
  • Maintain operational playbooks, diagrams, and documentation for security detection and response.
  • Review proposed security deployments to ensure monitoring requirements are met.
  • Utilize MITRE ATT&CK and industry standard frameworks to build and test detection use cases.
  • Provide off-hour support for security administration, detection, and response activities.
  • Partner with Incident Response team for customer security and fraud investigations.
  • Perform incident response and forensic activities for internal and external threats.
  • Review compromised systems to identify root causes of security incidents and remediation actions.
  • Research new TTPs used by threat actors to undermine enterprise IT environments.
  • Provide timely detection and alerting of possible attacks, anomalous activities, and incidents.
  • Correlate incident data to identify vulnerabilities and recommend remediation actions.
  • Plan, implement, and document incident handling and response procedures.

Requirements

  • Bachelor's degree in Computer Science or related field or equivalent combination of experience and education.
  • 6+ years of related Security Engineering experience required.
  • Expert-level knowledge of WAF, Web Security, DDoS protection, data analytics, and Bot Management.
  • Experience with developing SIEM/SOAR detection and automation use cases.
  • Cloud security experience in AWS, Azure, or GCP.
  • GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s).
  • Working experience with Information Security, Application Security, and Security Monitoring and Incident Response.
  • Must live within a commutable distance to either the Atlanta or NY office.

Nice-to-haves

  • Strong understanding of Zero Trust security best practices.
  • Effective communication of security issues to management and others.
  • Experience working with internal IT teams and external MSSPs for security monitoring.

Benefits

  • Flexible vacation policy allowing employees to take as much vacation as they deem consistent with their duties.
  • Seven paid holidays throughout the year.
  • Up to 160 hours of paid wellness annually for personal or family wellness.
  • Additional paid time off for bereavement, voting, jury duty, volunteering, military leave, parental leave, and COVID-19 vaccination leave.