This job listing has expired and the position may no longer be open for hire.

Cyber Security Engineer II - IR Automation (SOAR)-Eden Prairie, MN at United Natural Foods Inc

Posted in Software 30+ days ago.

Type: Full-Time
Location: Eden Prairie, Minnesota





Job Description:

Who We Are

We're pioneers who every day deliver new choices that shape the foodscape. We discover what's next. Bold ideas and new possibilities that drive the industry. Better food. Better future. Our teams are a highly innovative group of talented professionals; laser-focused on making a difference and having fun while we do it.

 

At UNFI, we're inspired by the unexpected. We look at things like our unmatched distribution network and full-store assortment through a new lens. From gourmet and ethnic to fresh, prepared foods to specialty cheese - we cover everything in the store and your kitchen. Energizing tomorrow, guiding a healthier road ahead.

 

We believe that:


  • Freedom of food choice matters

  • Discovering what’s next keeps us vital

  • We’re not afraid to get our hands dirty

  • We’re here to connect food, people and the planet

  • New routes can take us anywhere

  • Scale drives our ability to positively impact lives

  • There is no limit to fresh ideas

  • Sustainability is our responsibility

A Bit About You…


  • You thrive in a fast-paced, dynamic environment

  • You wake up in the morning with a passion to inspire others to be great

  • You possess the ability to lead leaders to develop strong teams and deliver on your strategies

  • You are a natural at connecting with others and building strong relationship networks

  • You have a proven ability to leverage consumer insights to develop brand positioning

  • You understand the importance of collaboration and partnership to enable business outcomes

  • You strive to build and deliver the “big picture” strategy

  • You possess a positive mindset and often spotlight opportunities that others may overlook

The Digital Forensics & Incident Response (DFIR) team is part of the Cyber Operations group within the overall Cyber Security department.  The DFIR team has four focus areas:


  • Security incident monitoring and response (IR)


    • Monitoring, analysis, and response activities associated with generated alerts or reported security events

    • Rule tuning, SOPs, etc. within the SIEM or other alerting technology



  • Threat Intelligence

    • Review and keep apprised of new threats, threat actors, exploits, TTPs, etc.

    • Analyze and report how these threats and TTPs may pose a risk to UNFI or our customers

    • Work with other areas within DFIR, Cyber Security, and IT to address as needed



  • Threat Hunting

    • Research new threats and TTPs in conjunction with the TI program, as well as individually

    • Search the UNFI environment for evidence of compromise or gaps in alerting coverage

    • Work with the appropriate teams to address any findings and remediation items



  • Security Orchestration, Automation and Response (SOAR) development

    • Work with all portions of DFIR to develop the in-place SOAR platform

    • Develop playbooks, automations, integrations, reports, dashboards, etc.



 

Reasons to join DFIR


  • The work is always changing.  Security threats evolve and change on a daily basis.  The DFIR team is always evolving as a result. 

  • You enjoy being on the cutting edge of security threats and defensive techniques.

  • Plenty of opportunity to make your mark!  With new tools, processes, SOPs, etc. being developed all of the time, there is plenty of opportunity to have a real impact on securing an organization.

  • Team dynamics are fun, responsible, humorous, and hard working.  We accomplish a lot and have a high degree of responsibility for securing the organization.  We therefore approach our work in a collaborative and enjoyable manner, while setting high yet accomplishable expectations for ourselves.

  • Be exposed to almost every facet of the organization, as we are charged with monitoring and securing most of it!

Job Overview: 

The Cyber Security Engineer II – SOAR serves on the Digital Forensics & Incident Response team, which is responsible for security event monitoring and response in order to protect the availability, confidentiality, and integrity of UNFI systems and data.  These solutions include, but are not limited to, cyber security operations center technologies and processes, threat intelligence, forensic solutions, endpoint security, etc.

This position will serve as the SME and primary development resource for the Security Orchestration, Automation and Response (SOAR) application for the DFIR team.  In this role, the individual will work with DFIR team members to receive requirements for new incident templates, playbooks/runbooks, integrations, etc., then own the design, testing, troubleshooting, etc.  The position will also work closely with the Security Engineering team as it relates to moving candidate changes to production, infrastructure issues, etc.  Additionally, the candidate will participate in the review and recommendation of, and assist in the implementation of, improvements to the security ecosystem.  They will provide consultative services to the technology and business teams to ensure security is integrated into all aspects of the business.  The role will also serve as a resource during security-related incidents.

Job Responsibilities and Accountabilities: 


  • Under minimal supervision, designs, tests and maintains SOAR application runbooks, incident templates, dashboards, reports, jobs, etc.

  • Works closely with DFIR team members on identification of development work needed, and prioritizes based on direction from Sr. Manager.

  • Works closely with Security Engineering for any infrastructure issues, promotion to production, and on other collaboration / integration work.

  • Familiarizes oneself with in-place security applications, such as SIEM, IDS, EDR, encryption, and vulnerability management solutions, that can be leveraged for data enrichment and other actions.

  • Suggests improvement opportunities where available.

  • Ensures all modifications / changes are tracked and follow proper change control and SDLC processes.

  • Maintains and increases knowledge of solutions.

  • Performs data analysis across disparate or divergent datasets.

  • Conducts root cause analysis and communicates outcomes in a clear and consistent manner.

  • Performs other relevant job duties as required. 

Job Requirements:

Education/Certification: 



  • Bachelor’s degree in management information systems, computer science, or related discipline is required

  • Industry certification such as GCIH, CISSP, CISA, CISM, GCFA, GCFE, etc. preferred.

Experience:


  • 3-5 years minimum experience in line with job responsibilities.  Must include hands-on, development level experience with SOAR products such as Palo Alto Cortex XSOAR (Demisto), IncMan, Swimlane, etc.

  • Knowledge of Incident Response, Vulnerability Management, and other security concepts required.  Experience preferred.

  • Knowledge of and experience with common Internet protocols: TCP, UDP, ICMP, FTP, etc.

  • Scripting experience (Python, PowerShell, etc.) required

Other Skills/ Abilities:


  • Flexible and adaptable to learning and understanding new technologies

  • Strong written, verbal, and interpersonal communication skills

  • Ability to work extremely well under pressure while maintaining a professional image and approach

  • Team player with proven ability to work effectively with other business units, IT management and staff, vendors, and consultants

  • Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause

  • Self-driven and able to meet deadlines on time with minimal direction

All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.




