Lead Security Automation & Detection Engineer
Chicago, Illinois, United States
LiveRamp is the trusted platform that makes data accessible and meaningful. Our services power people-based customer experiences that improve the relevance of marketing and allow consumers to better connect with the brands and products they love. We thrive on solving the toughest technical and customer challenges, and we’re always looking for smart, compassionate people to help us blaze a trail.
Mission: LiveRamp makes it safe and easy for businesses to use data effectively.
LiveRamp is seeking an experienced leader to drive all aspects of our security automation, engineering, and threat detection. This role will report to the Director of Information Security Operations, and work with cross-functional teams and external parties to develop and operationalize automation use cases. This role will increase operations maturity by converging automation, incident response, and threat intelligence. In addition to automation, this role
- Programmatically develop automated workflows in the SOAR platform to improve security incident analysis and make it more consistent and efficient
- Help identify processes across the business that can be improved through automation
- Using the MITRE ATT&CK framework, develop, test, and implement new SIEM threat detections for resources in cloud environments
- Assess the event visibility and log coverage of the SIEM, and work with DevOps, Engineers, and platform owners to configure log forwarding
- Design and lead threat hunt exercises with SIEM, log aggregation, and EDR technologies
- Perform activities that mimic threat actor behavior to test visibility, security controls and detections, and make recommendations for improvements
- Validate and make recommendations for remediation from bug bounty program findings
- Enable threat intelligence driven SOC investigations by integrating threat feeds with the SIEM and SOAR platforms
- Work collaboratively with DevOps, engineering, product, and cloud infrastructure teams to lead process improvements and improve overall security effectiveness
- Plan, implement, and manage upgrades to security solutions and platforms
- Participate in change control processes that may have an impact on LiveRamp’s security posture
Your team will:
- Improve security alert triage and speed by implementing Security Orchestration, Automation, and Response (SOAR) technology
- Conduct threat hunting exercises looking for specific malicious activity
- Improve SIEM logging, monitoring, and threat detection capabilities for production and corporate IT assets
- Bachelor's or Master's degree in Cyber Security, Security Engineering, Computer Engineering, Computer Science, Management Information Systems, or similar technical discipline
- Diverse knowledge of web proxies, firewalls, IDS/IPS, IT infrastructure and processes
- Ability to write scripts and create tools using Python, C++, Java, Ruby, and/or PowerShell
- Have a solid understanding of REST/SOAP/WSDL/XML and HTTP Request Methods
- Prior security analyst experience with knowledge in Windows, MacOS, and Linux operating systems
- Knowledge of cloud computing and cloud technologies
- Experience conducting investigations in EDR, SIEM, and DLP technologies
- One or more certifications, including but not limited to CCSP, CCSK, GCIH, GDAT, GCIA, GREM, GCFA, GSEC, CISSP, AWS Cloud Practitioner or GCP Cloud Engineer
- Skilled in malware analysis, forensic analysis and incident response investigations
- Network security monitoring and analysis
- Malware reverse engineering
- Security engineering experience in GCP
- People. Work with talented, collaborative, and friendly people who love what they do.
- Food. Enjoy catered meals, boundless snacks, and the occasional food truck.
- Fun. We host events such as game nights, happy hours, camping trips, and sports leagues.
- Work/Life Harmony. Flexible paid time off, remote work opportunities, and paid parental leave.
- Stock. Every employee is a stakeholder in our future.
- Whole Health Package. Medical, dental, vision and disability insurance. Plus mental health support (via Talkspace) and fitness reimbursement up to $100 per month.
- Savings. Our 401K matching plan helps you plan ahead.
- Commuter Subsidy. $75 per month to be used toward commuter cards, monthly parking, rideshare pools, or metro/bus passes.
- Location. Work in the heart of Chicago or remotely.