Adventure's around the corner...
Senior Information Security Engineer, Tools and Detection- Toronto, Canada (Remote)
- Department Information Security
- Location Canada - Toronto
- Location Type Remote
- Develop and implement SOC (Security Operation Center) and Incident Response systems integrations through automation and orchestration including Rest API and Python in AWS.
- Collaborate with IT and Engineering teams globally in designing, assessing, and implementing security controls to improve the overall security posture of our Infrastructure.
- Translate analyst and researcher feature requirements and/or PoC (Proof of Concept) scripts and tools into full-fledged features, driving process automation
- Document’s security tools and systems, trains Security Operations staff on tool use, and supports the day-to-day SecOps staff in the security mission
- Constantly perform security monitoring gap analysis using MITRE ATT&CK/ similar framework and increase detection coverage. Improving Signal to Noise Ratio, Developing Incident Response Workflow that can be automated & writing SOPs for SOC
- Work with existing deployment infrastructure to regularly deploy releases using modern tools such as git and CI/CD (Docker, Kubernetes)
- Develops and publishes metrics and dashboards demonstrating our security posture, event activity and to drive operational improvements
- Experience administrating Security Orchestration, Automation and Response tool (Swimlane, Demisto, Phantom or similar tools) and coding custom use cases/playbooks within the tool.
- Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell, or Bash.
- Knowledge of Identity management. Hands on experience in managing below technologies: AV, DLP, SIEM, EDR, NGFW, Cloud Security Controls
- Broad knowledge of Active Directory, Microsoft Security products, Identity Management, network security, endpoint security, cloud security, vulnerability management, security incident response and malwares.
Good to have
- Exposure to incident response of cloud-based and distributed infrastructures are a plus.
- Possess any technical security certifications (e.g., SANS, Offensive Security, Azure/AWS Security Engineer, or any other industry standard certifications) is a plus
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.
The perks. The rewards. The good stuff.
We’re proud to boast about our awesome benefits packages. Holistic wellness is a big deal for us. We offer everything you need to support your work and, most importantly, your work-life balance. We’re committed to helping you be the best version of yourself. Inside and outside of work.
Receive market-competitive pay and incentive programs—because you deserve it! To help future-proof your income, we offer generous support through retirement savings plans.
HEALTH AND WELLNESS
Keep your physical and emotional health in tip-top shape with health insurance for you and your family, an employee assistance program, annual wellness reimbursement, and access to wellness resources.
Work in an environment where you’ll have the freedom and trust to make an impact, with time for your life outside of work.
Relax and kick back through our generous paid time-off programs. Make a difference in your community with three volunteer days each year. Take your own personal day of rest with My Day. We also offer ample paid leave for all new parents.
We encourage self-directed learning, giving you every chance to become a better version of yourself, both professionally and personally. At Guidewire, lifelong learning is here for the taking.
Your career opportunities are only limited by your own imagination. Guidewire’s community is filled with chances to expand your horizons across any of our teams or worldwide locations.