Senior DevSecOps Engineer

At NAVISITE - Part of Accenture, celebrating our employees and investing in their well-being and development is not just a priority or an initiative - it's woven directly into our company fabric. Our mantra and unofficial corporate hashtag #SoMuchGood is all about recognizing our team's commitment and achievements, both inside and outside the office. It's that theme that has driven a host of programs at Navisite - it's who we are. What we do is simple: We work hard, we have fun, we give back to the community and we never take our eye off the goal - creating a modern cloud MSP with a global, talented team of employees. Join us and be part of our team!!

What you’ll be doing: 

Develop and implement Infrastructure-as-Code and Security-as-Code automation to detect and respond to threats in cloud environments like Amazon Web Services (AWS), Microsoft Azure, Oracle Cloud, SaaS applications and on-premises environments. 

Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures in operational and nonoperational situations. 

Create SIEM dashboards, complex queries, event correlation, data enrichment, generation of alerts, and threat hunting activities. 

Establish and mature security hardening standards, advocate for policy changes that support organizational cyber security initiatives and enhancements, and drive process improvement efforts.

Collaborate with business partners to ensure security is factored into the evaluation, selection, design and configuration of hardware and software.

Serve as an internal/external subject matter expert and participate in working group sessions to share knowledge and generate ideas for advancing security capabilities and achieving efficiencies.

Develop, plan, coordinate, deliver and/or evaluate training courses, methods, and techniques as appropriate for team members within pertinent subject domain. 

Lead incident response efforts including investigation, artifact collection, escalation, containment, recovery, root-cause analysis, and drafting of incident reports. 

Identify tactics, techniques, and procedures (TTPs) and develop threat models using the MITRE ATT&CK framework.

What you’ll need to bring: 

8 years of combined experience in DevOps, DevSecOps, security incident management, security engineering, or SOC analysis 

Proven ability to develop custom integration, tooling, and automation within CI/CD pipelines such as GitLab

Strong proficiency with Puppet and PuppetCode 

Familiarity with Elastic Stack (Elasticsearch, Logstash, and Kibana)

3 years of hands-on experience across one or more detection and preventive controls such as NGFW, WAF, Proxy, IDS/IPS, EDR, XDR, CASB, A/V, DLP, or SIEM/SOAR. 

Knowledge of security frameworks such as the MITRE ATT&CK framework.

Advanced knowledge of network security concepts and technologies such as VPN, firewalls, network monitoring, intrusion detection/prevention, cloud security, content filtering, etc. 

Proficiency with languages such as Python, Lua, Ruby, PowerShell, or Bash

Strong knowledge of microservices, Kubernetes, and containers 

Experience in Digital Forensic & Incident Response (DFIR) 

Exposure to working on red team/blue team, incident response and attack simulation. 

Advanced knowledge of OS internals (Linux/Windows), endpoint security, advanced persistent threat (APT), malware, and vulnerability management 

Familiarity with AWS, Azure, GCP, or OCI 

What you innately possess: 

Capable of completing technical tasks without supervision. 
Desire to grow and expand both technical and soft skills. 
Strong project management skills. 
Ability to foster a positive work environment and attitude. 

Ways to stand out from the crowd: 

Working knowledge of Python Frameworks such as Django 

Experience with ServiceNow automation and integration 

Familiarity with developing and integrating REST APIs 

Capable of Red Teaming by employing both passive and active TTPs 

One or more relevant security certifications

NAVISITE - Part of Accenture, is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all employees. Navisite does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, military service, or other non-merit factor.

Internal Applicants – No sponsorship available / External Applicants – Sponsorship not guaranteed. Any potential sponsorship depends on a number of factors, including but not limited to the local candidate pool and can vary from year to year.

You must ensure compliance with data protection legislation under the DPA, EU GDPR, and any other applicable data protection legislation.


This job is no longer available
