Security Automation Engineer

Description

Snowbit is a cybersecurity technology innovator with a vision to empower organizations across the globe to quickly, efficiently, and cost-effectively ready themselves to address omnipresent cyber risk. Built off years of Israeli cybersecurity experience, Snowbit is looking to offer the broadest managed detection and response offering available today.

Snowbit is part of the Coralogix group, with Coralogix rebuilding the path to observability by offloading the burden of indexing and providing deep insights, at an infinite scale, for less than half the cost.

Responsibilities

• Develop and implement automated security solutions, focusing on security operations, incident response, and vulnerability management.
• Write scripts and automation tools to streamline routine security tasks, reducing manual intervention and improving efficiency.
• Collaborate with security analysts, engineers, and other teams to identify and automate security tasks and processes.
• Use programming languages like Python, and other relevant scripting languages to automate security tools, workflows, and processes.
• Continuously assess and improve the effectiveness and scalability of security automation scripts and tools.
• Stay up-to-date with the latest cybersecurity trends, tools, and best practices to integrate automation solutions effectively.
• Develop and maintain integrations with existing security platforms, such as SIEM, vulnerability scanners, and incident response tools.
• Troubleshoot and resolve issues with automated processes, providing technical support as needed.
• Document processes, automation workflows, and system configurations to ensure transparency and ease of understanding for other team members.
• Participate in security incidents and contribute to root cause analysis for security issues that may arise.

Requirements

• Strong experience in security automation, with a deep understanding of cybersecurity principles and methodologies.
• Proficient in Python and other scripting languages (e.g., Bash, PowerShell, etc.) for automation and tool development.
• Experience with security tools and technologies such as SIEMs, vulnerability scanners, IDS/IPS, firewalls, and endpoint security.
• Familiarity with APIs and integrations between various security tools and platforms.
• Hands-on experience with cloud security, including automation of cloud-native security controls (AWS, Azure, GCP).
• Understanding of common security vulnerabilities and risks (OWASP Top 10, CVEs, etc.).
• Knowledge of secure coding practices and familiarity with automation frameworks (e.g., Ansible, Terraform, etc.).
• Excellent troubleshooting and problem-solving skills, with a keen eye for detail.
• Strong communication skills and the ability to work effectively with cross-functional teams.
• Ability to work in a fast-paced, collaborative environment.