Staff Information Security Engineer - US Remote Option

We are looking for an experienced, Staff Information Security Engineer who will partner with cross-functional teams in a rapidly growing environment to assess, analyze, and optimize operational tasks. You will work in a highly dynamic environment, along with peers and senior security analysts, to empower security teams by giving them the tools necessary to monitor, detect, analyze, and respond to threats, both internal and external. 

Responsibilities

• Collaborate with IT, Cloud Operations and Engineering teams globally towards designing, assessing, and implementing security controls to improve the overall security posture of our Infrastructure. 
• Be the technical SME for the SIEM platform at Guidewire – design, deploy and maintenance
• Lead and oversee deployment, operation, and maintenance of the Enterprise Security Tools including, but not limited to IDS, Content Filter, DNS Security, Endpoint Detection & Response, Mobile Device Management, SIEM, UEBA and Cloud Security. 
• Hands-on experience with Amazon Web Services (AWS) around enabling and strategize centralized security logging across multiple accounts, onboarding logs, and creating custom parsers for various AWS services. 
• Document’s security tools and systems, trains Security Operations’ staff on tool use, and supports the day-to-day SecOps staff in the security mission 
• Constantly perform security monitoring gap analysis using MITRE ATT&CK/ similar framework and improve the detection coverage. Improving signal to noise ratio, developing incident response workflow that can be automated & writing SOPs for SOC 
• Independent sound decision making skill to review security implications, for change and access requests by various stakeholders and generate a consensus on the proposed solution 
• Develops and publishes metrics and dashboards demonstrating our security posture, event activity and to drive operational improvements  

Requirements

• Knowledge of Identity management. Hands on experience in implementing and managing enterprise SIEM infrastructure along one or more of the below technologies: DLP, CrowdStrike EDR (or similar EDR’s), Palo Alto firewalls (or similar tools), Cloud Security Controls 
• Broad knowledge of Active Directory, Microsoft Security products, Identity Management, network security, endpoint security, cloud security, vulnerability management, security incident response and malwares. 
• Strong hands-on knowledge in designing, deploying, and maintaining logging infrastructure in multiple AWS (or any cloud environment) accounts.
• Ability to prioritize tasks and execute on them to meet goal in timely manner
• In-depth knowledge of security monitoring and incident response. 
• Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell, or Bash.  

Good to have

• Exposure to incident response of cloud-based and distributed infrastructures are a plus. 
• Possess any technical security certifications (e.g., SANS, Offensive Security, Azure/AWS Security Engineer, or any other industry standard certifications) is a plus 

#LI-Remote
About GuidewireGuidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.
Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. More than 400 insurers, including the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or Accommodations@guidewire.com. If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail Accommodations@guidewire.com to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.