Senior Information Security Engineer, Tools and Detection- Toronto, Canada (Remote)

We are looking for an experienced, Senior Information Security Engineer who will partner with cross-functional teams in a rapidly growing environment to assess, analyze, and optimize operational tasks.  This role will challenge you to become a true force-multiplier, assisting the security research team through designing and building threat centric application workflows, process automations, and drive organic development initiatives as well as serving to assess and prioritize enhancement requests. The successful candidate will have strong problem-solving, time management and analytical skills. 

Responsibilities

• Develop and implement SOC (Security Operation Center) and Incident Response systems integrations through automation and orchestration including Rest API and Python in AWS.
• Collaborate with IT and Engineering teams globally in designing, assessing, and implementing security controls to improve the overall security posture of our Infrastructure. 
• Translate analyst and researcher feature requirements and/or PoC (Proof of Concept) scripts and tools into full-fledged features, driving process automation
• Document’s security tools and systems, trains Security Operations staff on tool use, and supports the day-to-day SecOps staff in the security mission 
• Constantly perform security monitoring gap analysis using MITRE ATT&CK/ similar framework and increase detection coverage. Improving Signal to Noise Ratio, Developing Incident Response Workflow that can be automated & writing SOPs for SOC 
• Work with existing deployment infrastructure to regularly deploy releases using modern tools such as git and CI/CD (Docker, Kubernetes)  
• Develops and publishes metrics and dashboards demonstrating our security posture, event activity and to drive operational improvements 

Requirements

• Experience administrating Security Orchestration, Automation and Response tool (Swimlane, Demisto, Phantom or similar tools) and coding custom use cases/playbooks within the tool.
• Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell, or Bash. 
• Knowledge of Identity management. Hands on experience in managing below technologies: AV, DLP, SIEM, EDR, NGFW, Cloud Security Controls 
• Broad knowledge of Active Directory, Microsoft Security products, Identity Management, network security, endpoint security, cloud security, vulnerability management, security incident response and malwares. 

Good to have

• Exposure to incident response of cloud-based and distributed infrastructures are a plus. 
• Possess any technical security certifications (e.g., SANS, Offensive Security, Azure/AWS Security Engineer, or any other industry standard certifications) is a plus 

About Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.