Security Automation Engineer
Job Description
Overview
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is the trusted community for sharing sector-specific cybersecurity information and intelligence. The RH-ISAC connects information security teams at the strategic, operational, and tactical levels to work together on issues and challenges, share best practices and benchmark among each other – all with the goal of building better security through collaboration. RH-ISAC serves all consumer-facing companies, including retailers, restaurants, hotels, gaming casinos, travel, food retailers, consumer products and other consumer-facing companies.
The RH-ISAC team values the importance of trust, learning and commitment. Our mission matters, and you will contribute to positive change in the industries we serve. We trust our employees to balance their work hours to suit their lives outside of the office as long as main hours are covered and their supervisor approves. We rely on one another to deliver on promises, and we offer opportunities to acquire new skills and stay ahead in your field.
The security automation engineer, reporting to the senior director of security engineering, will contribute to automation of internal processes, develop and administer internal tools, support cyber threat intel integrations, and help enhance the organization’s security posture. Ideal candidates will have experience in application development, security operations, data analytics, and common security technologies. Hands-on experience building custom workflow automations in Slack and/or Salesforce Sales Cloud would be advantageous, as well as familiarity with MISP. Candidates must be self-directed, effective communicators, and able to collaborate across technical and non-technical teams in a work-from-home environment.
Expected Duties
Internal tool development and workflow automation
- Develop secure technical solutions that improve the efficiency and security of the RH-ISAC
- Assess existing workflows to identify automation opportunities
- Collaborate with the RH-ISAC cyber threat intel team, and other staff, to strengthen existing practices and enhance member value
- Design and maintain automated data pipelines to uncover trends in member behavior and threat intelligence, enabling actionable visualizations and strategic decision-making
Security tool integration development, implementation, and support
- Develop and maintain integrations for key security tools in support of member security monitoring, incident response, and cyber threat intelligence
- Collaborate with members to determine requirements and assist with the timely implementation of integrations
- Produce documentation to guide member implementation of integrations, and help improve existing documentation
Administration and support of internal tools, capabilities, and security practices
- Assist with configuration and administration of internal tools to help ensure operational and security requirements are met
- Troubleshoot issues with internal tools, recommend resolutions, and implement fixes
- Contribute to the maturation of internal security controls and processes
- Draft documentation of technical processes and procedures
Establish and sustain trusted relationships among RH-ISAC members
- Actively engage with members, identify their needs, and offer support
- Join periodic calls with members to help promote integration opportunities
- Contribute to discussion forums and help facilitate member conversations
Additional relevant and necessary duties to ensure the effectiveness of the ISAC organization and the success of its members’ cybersecurity and risk management efforts.
Qualifications:
- Bachelor of Science in Cybersecurity, Computer Engineering, Computer Science, or a related field.
- 1+ years of professional cybersecurity experience (internship acceptable)
- Competent in Python development, scripting, and automation
- Experience with AWS services, web app development, REST APIs, databases, and Git
- Knowledge of Linux and networking concepts
- Understanding of security best practices and cyber threat intelligence
- Familiarity with common security tools (TIP, SIEM, EDR, XDR, SOAR, etc.)
- Strong interpersonal skills with a desire to help others solve technical problems
The Ideal Candidate Will:
- Have a strong background in security engineering and application development
- Have a passion for solving problems using new technology
- Have experience supporting a threat intel or security operations team
- Have administered security tools (e.g. TIP, SIEM, EDR, XDR, SOAR)
- Have built custom workflow automations using Slack and/or Salesforce Sales Cloud
- Have technical experience with MISP, PowerBI, and M365
- Have actively participated in a threat information sharing and collaboration entity
- Have a passion for connecting with and supporting members
- Have excellent communication skills including oral briefing, training, and written analysis
- Be detail-oriented, deadline-driven, adaptable, and dependable
- Be personable, professional, and driven by a can-do spirit
- Be genuine in the desire and willingness to support teammates
Location and Work Environment:
- Location: Remote
- Work Environment: The employee is expected to maintain a dedicated, distraction-free home workspace with reliable internet connectivity. Regular collaboration will occur via video conferencing, chat, and other digital communication tools. The role may require occasional virtual meetings across multiple time zones. While the position offers flexibility, standard core working hours [11 – 4pm ET] are expected for availability and team coordination.
- Occasional travel may be required
- Physical Requirements:
- Prolonged periods of sitting at a desk and working on a computer
- Ability to use a keyboard, mouse, and monitor for extended periods
- Must be able to communicate clearly via video, phone, and written correspondence
- Occasional lifting of light objects (up to 10 lbs), such as laptops or office supplies
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions
Employment Type:
- Full-Time, Exempt
Compensation and Benefits:
- Salary Range: $85,000 - $115,000. Salary is contingent upon the candidate's experience, qualifications, and alignment with the role’s requirements.
- Benefits: The RH-ISAC offers full-time employees medical, dental, and vision insurance, a flexible savings account (FSA), a health savings account (HSA), and short-term disability plans. The RH-ISAC also offers a 401k plan with a matching contribution if you make a “matched employee contribution” during the plan year.
The RH-ISAC is an Equal Opportunity Employer. We are committed to creating a diverse and inclusive workplace and consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, or any other legally protected status.