Security Engineer - Scripting and Automations (Remote)

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com

Reporting to the Threat Detection Manager, the Security Engineer will work with our teams, including cyber threat intelligence analysts, SOC analysts, threat detection engineers, server and network administrators, security tool administrators, and department customers. You will have experience in incident response and understanding of security log feeds mapping the data into the SIEM.

You will:

• Understand data feeds of multiple security tools and logs that feed the SIEM & UEBA technologies. Identify capabilities and quality of these feeds and recommend improvements.
• Create new content use cases based on threat intelligence, analyst feedback, available log data, and previous incidents.
• Perform daily activities of the content lifecycle, including creating new use cases, testing content, tuning, and removing content; and maintain associated documentation.
• Improve vulnerabilities in various application environments.
• Collaborate with security teams and product SMEs to identify gaps within existing capabilities.
• Develop parsers/field extractions to facilitate reliable content development.
• Develop custom scripts to enhance default SIEM functionality.
• Participate in root cause analysis of security incidents and provide recommendations for new data sources and enrichment.

Qualifications:

• 5+ years of experience in security engineering or site reliability engineering.
• Excellent Terraform skills required and experience with Cloud Migration.
• Experience developing CI/CD pipelines for Infrastructure as Code.
• Knowledge of programming/scripting fundamentals (Python/Golang).
• Expertise in ETL onboarding for diverse log feed technologies.
• Support experience with Splunk platform administration, dashboards, applications, and use cases.
• Hands-on experience developing Rest APIs to capture data from external sources.
• Experience with Agile methodologies.
• Understanding of multiple log formats and source data for SIEM analysis.
• Solid background with Windows and Linux platforms (security or system administration).
• This role is remote from within the US.
• Competitive compensation package and bonus plan.
• Core benefits including medical, dental, vision, and 401K matching.
• Flexible work environment: remote, hybrid, or in-office.
• Flexible time off including volunteer time off, vacation, sick leave, and 12 paid holidays.

Our culture celebrates individuality. We focus on DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, recognition, and volunteering. Recognized as a Great Place to Work in 24 countries, a FORTUNE Best Company, and with a Glassdoor rating of 4.4 stars globally, we strive to create an inclusive environment where everyone can succeed. We are an equal opportunity employer and value diversity in our workforce. If you require accommodations due to a disability or special need, please let us know.