Senior Security Operations Engineer

Company: Blue Cross Blue Shield Association
Location: Jacksonville
Posted on: March 17, 2023

Job Description:

Job Description Summary

The Sr Security Engineer Operations position leads a team of security administrators handling many aspects of information security systems management and operations. This includes day-to-day management of information security tooling, including support, installation and maintenance of infrastructure components such as IDS, SIEM, HSM, WAF, and packet capture tools. Additionally, this role will work with other internal and external teams tasked with maintaining solutions relied upon by the security team. The ideal candidate will have specialized knowledge of Web Application Firewall administration and will be directly responsible for end-to-end administration and support for all WAF-related issues. A secondary responsibility will be to assist with incident response and forensics activities. Responsibilities include:* Lead a team of security administrators responsible for configuring, maintaining, and troubleshooting multiple technologies such as IPS/IDS, SIEM, WAF, HSM, Geo filtering, packet capture, and network malware detection solutions.* Operational ownership and support of the Web Applications Firewall (WAF), including managing WAF rules and creating custom policies* Provide oversight for the management of tooling managed by other internal and external teams or MSSPs such as web proxies, endpoint AV, EDR, email filtering, and identity solutions.* Define and deliver key operational and performance metrics for assigned technologies.* Provide Tier 1 support for incident response and threat detection activities * Provide on-call security support on a rotational basis* Collaborate with other information security teams to mature our security portfolio$$Automate security functions wherever possible, including contributing to internally developed and/or open source security toolsResponsibilities include but are not limited to:

• Full administration and management of assigned technologies
• Oversight of key security technologies not managed by Information Security as assigned.
• Management of MSSP Vendors who provide operational support.
• Mentoring and team building
• Tier 1 Incident Response and Threat DetectionRequired Education, Certifications and Experience
  • Bachelor's degree
  • Minimum 7 years in a Information Technology domain
  • Minimum of 2 years Web Application Firewall (WAF) administration
  • Strong knowledge of web protocols (especially HTTP and HTTPS)
  • Working knowledge of web-application security concepts
  • Knowledge of SQL Injection, XSS, RCE, Buffer Overflows, filter invasion, and other application-layer attacks
  • Demonstrated experience managing and administering systems security appliances and/or Unix/Linux environments
  • Demonstrated ability to program or "script" in languages such as Python, Perl, PowerShell, or Bash
  • Advanced knowledge of operating systems, network troubleshooting, and common applications.
  • Advanced troubleshooting and problem resolution skills
  • Demonstrated proficiency in Unix/Linux systems administrationPreferred Education, Certifications and Experience
    • Cloud administration experience (AWS/Azure)* Experience developing custom automation for common system administration processes* Experience administering Splunk, Elastic Search, or other SIEM/analytics technologies* Experience administering other security tooling such as IDS, Web Proxy, SIEM, WAF, HSM, and/or packet capture toolsSOC/IR experience.People Management - No

Keywords: Blue Cross Blue Shield Association, Jacksonville , Senior Security Operations Engineer, Engineering , Jacksonville, Florida