Western Digital Careers
Join our Talent Network

Senior Security Engineer – Information Security

Location: Remote - Colorado, CO, United States 
Req ID: JR-0000026359

Description

Do weak server security configurations bother you? Do you like to write scripts and find ways to automate technology? Are you more comfortable with a command line versus a GUI? Then Western Digital would like to speak with you. Western Digital is looking for a passionate and energetic Senior Security Engineer working directly for the Senior Director of Global Cyber Operations. 

What will you be doing?

As a senior professional in the cyber team you will be a mentor to other members of the team, will work as a subject matter expert for cyber security technologies including pilots, design, architecture, implementation, and engineering. This means you will be crucial in helping select, implement, and manage the security technologies for the global enterprise.  You will be required to use your skills and experience to put together requirements, run proof of concepts, architect global deployments, partner with other organizations, and oversee the technology from start to finish.

Furthermore, this position will partner directly with the Security Operations Center (SOC) to maintain a healthy state of the entire security stack and ensure the SOC has the data they need.  Western Digital is looking for a self-motivated, creative, highly efficient, and widely experienced security practitioner.  Your ability to partner with peers, communicate effectively, stay organized, and demonstrate your high technical skills; are what will help you achieve success. 

Job Details

Responsibilities:

  • Act as primary contact for the cyber security technology stack
  • Work with the SOC to support and respond to security technology needs
  • Maintain well organized technology diagrams (network, rack, architecture, dataflow) and system inventories
  • Provide system administration for the global security technology stack
  • Lead discussions related to the architecture and engineering of security technologies that support the SOC
  • Collaborate with the infrastructure teams
  • Design, update, and maintain standard operating procedures for security system administration
  • Troubleshoot technology issues
  • Manage service request queues
  • Partner with vendors to maintain and enhance security technologies
  • Oversee the maturity of the global cyber security technology stack (metrics, health checks, tech debt, patching, configuration management, etc)
  • Write scripts for automation
  • Design, write, and implement APIs to integrate various technologies

Qualifications

  • Bachelor’s degree from accredited 4-year University in Computer Science or equivalent technical area
  • CISSP, Mac / Windows / Linux related certificates
  • 6 years’ experience in information technology
  • 4 years’ experience in information security (specifically in architecture, engineering, and operations)
  • Proven track record for effective communication at all levels including senior and executive leadership
  • Ability to work and manage multiple simultaneous projects
  • Must work well under pressure, in stressful situations, achieve critical deadlines, maintain confidentiality, and ensure high professionalism and customer service.
Qualifications:
  • Security architecture: infrastructure, network and systems design
  • Work independently without detailed guidance
  • In-depth knowledge of operating system configuration management (Windows / Linux / Mac)
  • Ability to read, write, and implement scripts (python, perl, powershell, bash, etc.)
  • Knowledge and experience with various Tactics, Techniques, and Procedures (TTPs) used by malicious actors (APT, nation state, organized crime, insider threat, etc)
  • Experience with implementation of APIs and technology integrations
Technical Proficiencies: 
  • Log correlation and analysis (SIEM)
  • Forensic tools (EnCase, FTK, Cellebrite, etc)
  • Windows / Mac / Linux operating systems
  • Advance endpoint protection (FireAmp, Crowdstrike, Cylance, MIR, etc)
  • Antivirus (McAfee, Trend Micro, Symantec, etc.)
  • OSI Model
  • Deceptive controls (honey pots, deceptive networks, honey nets, etc)
  • Operational maturity models
  • Vulnerability and patch management
  • Network security (Firewalls, IDS/IPS, Web-proxy, NGFW, Packet capture, Netflow analysis, etc)
  • DLP
Recommended Skills:
  • Knowledge of IT security and various frameworks (NIST, ISO, ITL, COBIT etc.)
  • Familiarity or experience in software development
  • Threat management