Security Automation & Orchestration Engineer

Secureworks® (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

• 5+ years of experience with scripting in one of the following scripting languages: JavaScript, Python, Perl and various shell scripting. Python strongly preferred.
• Familiar with Ansible
• Proven background in creating automation tools, automating web based services is a plus.
• Familiarity with *nix-based command line tools.
• Solid knowledge of REST API best practices and usage.
• Strong technical communication skills, both written and verbal.
• Effective time management and organizational skills.
• Team player with the ability to work autonomously in a fast-paced, dynamic environment, often with ambiguity.
• Passionate about information security and service excellence.
• Ability to travel occasionally for client-site visits, team on-sites and strategic planning.

If you’re keen to work on diverse and highly complex information security problems, this is your opportunity to develop with Secureworks.

• Perform regular updates of existing Playbooks based on changes in the Threat Landscape or a clients security controls.
• Drive continuous improvement of existing playbooks to address new threats and tactics employed by attackers.
• Manage an inventory of subtasks that enable broader playbook creation.
• Produce new playbooks as threats change and new security tools and controls emerge in the market place.
• Perform regular reporting on the usage of playbooks and the effectiveness of a playbook to conclusion.
• Develop logic that bridges connectors, tasks and human input to accelerate the response to escalated security incidents.
• Develop connectors that collect enrich and leverage data from third party and proprietary webservices.
• Participate in client meetings to further optimize their specific operational plan based on our best practices and operational learnings.