KLM Careers Looking for Lead IT Security Engineer (Python/Automation) at Chennai, Tamil Nadu

• This position is to be a Senior Automation Engineer for the Cybersecurity Operations Team (on the Enable Squad) and is responsible for identifying, analyzing and creating automation solutions for Cybersecurity operational activities, as well as investigate complex security issues to be remediated through automation.
• A solid understanding of both advanced and emerging cyber orchestrations and automations methods as well as scripting capabilities to support these needs will support the delivery value for the DTCC.

Responsibilities:

• Improve the overall security posture by enhancing communication and automation between various security monitoring and alerting tools in the environment.
• Assess and implement automation to eliminate manual or mundane tasks.
• Develop highly extensible, scalable, and secure Cloud-based A&O services that can be adopted and integrated in a wide range of Cybersecurity use cases.
• Define, document, and implement appropriate delivery, alarming, reporting, and automation of security-relevant log information.
• Partner closely with the React and Protect Squads as well as other Cybersecurity Engineering Squads to identify opportunities for automation and eliminate human touch.
• Align risk and control processes into the day-to-day responsibilities for monitoring and mitigation of identified risks and escalate appropriately where/ when necessary.

Requirements:
1. Minimum of 5 years of related experience

2. Bachelor’s degree preferred equivalent experience desired

3. Proficiency in Python scripting Working knowledge of REST APIs, JSON, HTML/CSS, Java-script, XML, Terraform and/or YAML.

4. Experience working with automation solutions such as Cortex SOAR, Phantom, etc

5. Solid background in cybersecurity technologies, understand security operations, incident response, threat management, and enterprise IT and security engineering.

6. Experience with JSON, PowerShell, MS SQL and VB scripts.

7. Experience in AWS (IAM, Config, CloudTrail, CloudWatch, Guard duty, WAF, S3, Lambda, RDS, and more).

8. Demonstrated ability to perform and document manual and automated security testing

9. Understanding of cloud and networking, web-based content delivery platforms and filesystem operation, architecture, patching and security

10. Experience in application security and security testing technologies and techniques.

11. Experience in deploying cloud-native and third-party technologies to secure cloud platforms and workloads in AWS and/or Azure.

12. One or more of the following certifications highly desired: Cloud (AWS, Azure, Google Cloud Platform); SIEM (Splunk Certified Architect, Splunk Core Certified Consultant, Splunk Trust Member, Elastic Certified Engineer), CISSP.

13. Must be a US Citizen or Green Card holder.