Location: San Francisco, CA- United States
Job ID: 18WD27968
The Information Securtiy Team @Autodesk
Are you looking for an opportunity to join a fast-paced information security team in a global company that is enabling The Future of Making Things? Do you get enthralled finding the unknown and help engineer solutions to better detect and respond to security incidents? Do you thrive when working collaboratively and cross-functionally to advise strategic initiatives that will strengthen the company’s security posture? If so… we’re looking for a new member for our Incident Response team in San Francisco, California.
Autodesk is seeking an Information Security Engineer to be part of the Security Incident Response Team focused on Incident Response and Threat Intelligence. This role will an expert in the technical response activities to successfully execute the Security Incident Response Plan(SIRP) and identify technology and process improvements to mature the incident response capability. This role will also engineer and improve solutions to proactively identify incidents.
A successful candidate for this job will work with multiple stakeholders including internal/external technical stakeholders and help deliver consistent response activities and identify enhancements to the Incident response technology and process. The role will also build and operate systems that consume external, internal threat feeds, build behaviors analysis trends and develop security analytic systems to track down, stop and/or prevent malicious activities, security violations, vulnerabilities and other threats against Autodesk’s information assets. This role will research the latest threats, vulnerabilities & methods for deploying controls in the prevention, detection and response to best secure the environment. Additionally, the role will produce threat assessment reports and evangelizing security practices to protect Autodesk against information security risks.
The role requires excellent communication, marketing and planning skills and ability to work with individuals and teams from across the organization. The incumbent should have excellent analytical thinking and ability to understand complex technical issues in compressed time frames.
The Information Security Engineer reports to the Manager Security Response.
- Improve Autodesk’s ability to detect intrusions in real-time
- Identify and protect against all threats to Autodesk’s information assets
- Analyze and provide security recommendations for tools and infrastructure to achieve security goals
- Actively be involved in Incident response and investigations including leading and directing technical response activities during investigations
- Design, develop and implement next-generation detection and automated response solutions including identifying high fidelity threat intel
- Gather threat intelligence and build, optimize, and develop systems for effective and efficient security response
- Research emerging technologies and maintain awareness of current security threats and risks in support of security enhancement and development efforts
- Independently research to identify novel methods dealing with next generation security problems
- Actively collaborate and share ideas, thoughts and challenges with your peers within the organization and the security industry
- Evangelize and market security practices and solutions
- Create innovative solutions to complex security problems
- Writing security white papers and/or presenting security products and technologies to diverse audiences
- Document process, procedure and reports pertaining to incident detection and response
- Document process pertaining to gathering and maturing Threat Intelligence
- Master’s degree (M.S) in computer science or related field, or Bachelor’s degree (B.A.) and equivalent work experience
- 7-9 years’ experience in investigating incidents while being part of a response team or a Security Operations Center (SOC)
- Highly experienced working on Information Security Incidents, investigation, containment and remediation
- Extensive understanding of Network, Infrastructure, computer and Product Security Incidents and the technical response activities entailed
- Extensive understanding of mobile and cloud security specific to investigating incidents
- Experienced working within a fast-paced incident response team with knowledge of log correlation, forensics, security vulnerabilities and exploits, mobile security
- Highly experienced in defining and guiding technicalities around remediation and containing a security incident
- Experienced deploying security solutions, architecting detection and response solution to mature capabilities
- Deeper understanding of threats, actors, indicator of compromise and the actor TTPs (Tools/Techniques and Procedures)
- Experienced with maturing strategic and tactical aspects of the Threat Intelligence program
- Strong communication skills interacting with technical stakeholders including ability to convert technical language to business language for leadership
- Strong presentation skills to illustrate metrics, processes and incident updates
- Excellent analytical skills, organizational skills, ingenuity and the ability to work as part of a team
- Advanced interpersonal skills to effectively promote ideas and collaboration at the various levels of the organization
- CISSP, GCIA, GCIH Certifications
- GPEN, GXPN, GCFA, GNFA certifications a plus
- Led a security operations team managing and handling information security incidents
- Developed or managed an Incident Response Program
- Developed architecture and built custom solutions to detect suspicious security events and automate responses to better handle incidents
To apply for this job please visit itjobpro.com.