Skip to content

Senior Cyber Security Detection Engineer

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

As a Senior Security Detection and Automation Engineer, your role will include the continuous development and build-out of our security detection and alerting capabilities.

Primary Duties & Responsibilities:
  • Security Detection Engineering: Prioritizes and builds detection rules in the SEIM platform to identify malicious activities based on knowledge of the inner workings of cyber-attacks. Develops, maintains, and ensures the proper documentation of detection logic, rules, and alerts. Enhances and improves data quality from external sources in the SEIM by understanding the current best state of detection engineering and integration practices.
  • Blue Team: Accountable for assisting in the design and implementation of blue team exercises including independently leading components of the exercise.
  • Security Research: Accountable for regularly monitoring the security community for, and researching, the latest assessment and exploit methodologies. This work is concluded by sharing the information back to the team in the form of newly written tools and/or attack techniques via informal internal training sessions.
  • Reporting: Accountable for preparing and delivering the highest quality security information that comprehensively and clearly explains risk, demonstrates findings, and offers tactical and strategic recommendations to both technical and non-technical internal clients.
  • Communication: Effective and professional communication of a variety of topics, including technical and non-technical information, to a wide variety of internal and external customers including leadership from across the organization.
  • Ad Hoc Incidents: Accountable for working with the security operations center, incident responders, and technology infrastructure, and development teams as vital.
  • Metrics: Accountable for working with select team members to supervise, monitor, and report testing results in a meaningful way so that risk-based security metrics are delivered to the enterprise.
  • Training: Attend training to stay current with technology and security trends. Incorporates takeaways from training to improve interpersonal technology and processes.
  • Perform other duties as assigned.

Qualifications:
  • Bachelor’s degree with an emphasis in Information Security, Computer Science, or equivalent combination of education, training and experience.
  • 4-5 years’ experience
  • Highly technical and analytical hands-on experience in prior professional, informative, or personal projects.
  • Capable of developing detection mechanisms against security threats.
  • Understands frameworks, processes and abstractions for the design, implementation, and measurement of cyber-defense capabilities, such as MITRE ATT&CK, OWASP Top 10 and the NIST 800 series.
  • Capable of carrying out common charge methods to test countermeasures.
  • Understanding of various security logs (firewalls, proxies, active directory, etc.) and how those are mapped to common data models.
  • Capable of capturing and analyzing network traffic for malicious activities within the context in which the traffic occurred on the network.
  • Subject matter experience with the internal workings of Windows and Linux operating systems. Proficient with the command line operations.
  • Understanding of common application architecture models, including monolithic, three-tier and distributed patterns.
  • Understanding of the OSI Model, and the inner workings of common protocols, such as DNS, HTTP, DHCP, TLS or SMB.
  • Fundamental understanding of cryptography controls and underlying concepts to secure data.
  • Fundamental knowledge of defense-in-depth design and operational concerns.
  • Ability to independently identify and resolve issues through effective problem-solving skills.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious, and adaptable.
  • Ability to maintain and strengthen relationships; ability to efficiently influence and negotiate with internal and external partners.
  • Validated interpersonal savvy with demonstrated tact and diplomacy.
  • Strong written and verbal communication skills with the ability to interpret and fully explain the impact of vulnerabilities as well as any recommended remediation to multiple knowledge levels.

Our Benefits!
  • Highly competitive compensation, including annual bonus opportunities
  • Medical/Dental/Vision plans, 401(k), pension program
  • Tuition reimbursement, commuter plans, and paid time off
  • Extensive Professional Training Opportunities
  • Excellent Work/Life Balance
  • Hackathons/Dedication to Innovation

#LI-Post

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.


FIND YOUR FUTURE

We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.