NetWitness Senior DevOps/Ops Infrastructure Engineer – Threat Intelligence

Austin, Texas, United States

RSA Security

RSA provides identity intelligence, authentication, access & governance solutions, defending the world’s most secure organizations against cybersecurity risks.

View all jobs at RSA Security

NetWitness Senior DevOps/Ops Infrastructure Engineer – Threat Intelligence

NetWitness is the leader in network threat detection and response for on premises, hybrid, and multi-cloud enterprises.
The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect threats, prioritize activities, investigate, and automate response. All this empowers security analysts with better, faster efficiency to keep security operations well ahead of business-impacting threats. The NetWitness Platform captures packets and logs across network, public cloud, SaaS, and identity by applying patented security-led technology that enables the user to surface and prioritize threats for rapid threat response. NetWitness’ threat intelligence detections are powered by a deep understanding of attacker methods, the threat landscape, and data & meta-data generated by the platform. Alerts uncover attacker methods in action and are correlated across customer environments to expose real attacks. Organizations around the world rely on NetWitness to see and stop threats before a breach occurs. For more information, visit www.netwitness.com

NetWitness FirstWatch Threat Research and Intelligence Organization represents the core security knowledge and research capability within the company – tasked with powering our leading-edge technologies and aiding customers. As a member of the NetWitness FirstWatch Threat Research and Intelligence Organization, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.

Serving in the role of Senior DevOps/Ops Infrastructure Engineer at NetWitness, you will have a direct impact on the direction of the company through your applied knowledge of infrastructure, internetworking, DevOps, and traditional ops within the FirstWatch Threat Research and Intelligence Organization.

Qualifications:

• Lead on strategic and tactical initiatives.
• You have a growth mindset and are committed to delivering results.
• You thrive in a fast-paced, collaborative environment.
• 10 – 15 years of experience as a DevOps Engineer in the software industry.
• Must be able to obtain and maintain a security clearance.
• Hands on experience on cloud services like AWS, Google cloud, azure, etc.
• Hands on experience with hosted hardware environments.
• Experience with tools like chef, puppet, ansible, etc.
• Experience with infrastructure as code tools terraform or cloud formation.
• Experience with different queuing systems like rabbitmq, kafka, sqs, etc.
• Ability to create infra services for both cloud as well as on premise deployment.
• Basic knowledge of networking concepts like subnets, etc.
• Experience with containers and orchestration tools like Kubernetes.
• Exposure to Linux, EC2 Security, EC2 Balances, Automation Tools, AWS CLI,S3, Cloud Watch & Cloud Trail, SSH, Docker, Git, MLAB, Jenkins, Circle CI, Nagios, Jmeter & Blazemeter are must.
• Knowledge on GraphDB (Neo4j, ArrangoDB, JanusGraph, Neptune) MongoDB, Python/Django, data structure and algorithms would be added advantage.

Responsibilities:

• Working closely with the rest of the FirstWatch team, you will help ensure we are building high quality systems with monitoring best practices, build and enhance automated solutions, accelerate customer value delivery, and minimize human interactions with systems.
• Work closely with the FirstWatch teams to integrate their projects into its production AWS environment and ensure their ongoing support once there.
• Gain a deep application-level knowledge of the systems as well as contributing to their overall design.
• Be a DevOps champion - work closely with other internal teams to build security, reliability, and scalability into the development lifecycle.
• Dive deep into the software stack to troubleshoot as needed.
• Build engineering automation and productivity tools to streamline and scale applications in the production environment.
• Troubleshoot and resolve issues related to application development, deployment and operations.
• Build from the ground up reliable infrastructure services in AWS to deliver highly scalable services.
• Collaborate with a team of peers who are smart, professional, funny, driven, motivated with a pronounced passion what they are working on and where they are doing it.


What Will Help You

• Professional experience in DevOps/Ops and Infrastructure within cybersecurity and/or threat intelligence organizations.
• Operational experience in infosec as an incident handler/responder, red teamer, administrator, or internal consultant.
• Experience with big data technologies.
• Experience cloud providers and technology -- Amazon AWS or comparable Cloud Providers.
• Proactive, hard-working team player with a good sense of humor.
• Self-driven, able to efficiently work remotely without close supervision.
• Familiarity with the NetWitness Suite of Products or comparable full packet capture offerings, SIEM, and EDR a plus!
• You are inquisitive, proactive, energetic, and driven.

RSA is committed to the principle of equal employment opportunity for all employees and applicants for employment and to providing employees with a work environment free of discrimination and harassment. All employment decisions at RSA are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, protected veteran status, genetic information, or any other characteristic protected by federal, state or local laws. RSA will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. All RSA employees are expected to support this policy and contribute to an environment of equal opportunity.

If you need a reasonable accommodation during the application process, please contact rsa.global.talent.acquisition@rsa.com. All employees must be legally authorized to work in the US. RSA and its approved consultants will never ask you for a fee to process or consider your application for a career with RSA. RSA reserves the right to amend or withdraw any job posting at any time, including prior to the advertised closing date.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: Analytics Ansible Automation AWS Azure Big Data Clearance Cloud DevOps Django Docker EC2 EDR GCP Jenkins Kafka Kubernetes Linux MongoDB Monitoring Nagios Neo4j Puppet Python RabbitMQ RSA S3 SaaS Security Clearance SIEM SQS SSH Terraform Threat detection Threat intelligence Threat Research

Perks/benefits: Career development Startup environment Team events

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.