Linux Infrastructure Security Engineer required to work in the Enterprise Security Platforms (ESP) Endpoint Engineering Team, providing the highest level of security consultancy and engineering support for Linux based security agents. The role is suited to an experienced Linux Engineer/Sysadmin with a proven understanding in enterprise infrastructure, security and product deployment.
The role will focus on extending the firm’s Endpoint Protection Platform and Endpoint Detection and Response Squads to achieve risk control objectives and will involve solution architecture, engineering, and development to achieve automation and integration with firm systems and processes.
The position will involve both on-premise and Cloud (AWS/Azure) based workloads and environments and involve integrating 3rd party or open-source Security products into the Environment.
Responsibilities
- Research, architect, engineer and deploy Linux (RHEL 6 and 7) based OS and Container based security controls
- Complete environment configuration, automation, build, and documentation tasks with a focus on reliability and ongoing supportability
- Develop tools and scripts to enable automation in configuration management, packaging (RPM’s etc.) and platform integration via API’s and scripting
- Work with global colleagues from both internal and external teams throughout the organization to provide solutions via ongoing communications and consistent processes
- Research and evaluate solutions for on-premise, cloud and container-based security controls
- Participate in technology evaluations and play an active role in strategic improvements based on technology trends, best practices, and industry standards
- Investigate & Troubleshoot root causes when escalated from L3 operations
Required Skills
- 8+ years of experience in platform engineering
- Strong Linux (RHEL 6 and 7) Systems Administration experience
- Scripting and development skills (Python/Perl or other) with deep comprehension of good code design, regular expressions, process management, performance optimization and error control
- Knowledge of core security concepts and implementation principles
- Exceptional communication and interpersonal abilities as a flexible, self-driven team member
- Strong task management and organizational skills
- Ability to demonstrate broad exposure to various technologies - Preferably in a global environment in the finance industry or an industry at a similar scale
Desired Skills
- SIEM experience with Splunk is a plus
- Experience of Antivirus, Encryption, EPP and EDR Controls, Sandboxing, OS Hardening, CIS benchmarks
- Experience of AWS, Azure, Docker, SELinux, Ansible
- Cross skilled in any Windows or MacOS platforms is a plus
- Experience working in Agile Squads or DevOps is a plus
- Experience working with Tanium platform is a plus
- General networking and security knowledge in areas such as Firewalls, TCP/UDP, Routing/Switching, DNS, NAT, Packet Tracing and Analysis