Sr Security Automation Engineer

About the position We are the duck. We develop and empower our people, cultivate relationships, give back to our community, and celebrate every success along the way. We do it all…The Aflac Way. Aflac, a Fortune 500 company, is an industry leader in voluntary insurance products that pay cash directly to policyholders and one of America's best-known brands. Aflac has been recognized as Fortune’s 50 Best Workplaces for Diversity and as one of World’s Most Ethical Companies by Ethisphere.com. Our business is about being there for people in need. So, ask yourself, are you the duck? If so, there’s a home, and a flourishing career for you at Aflac. Work Designation. Depending on your location within the continental US, this role may be hybrid or remote. If you live within 50 miles of the Aflac offices located in Columbus, GA or Columbia, SC, this role will be hybrid. This means you will be expected to work in the office for at least 60% of the work week. You will work from your home (within the continental US) for the remaining portion of the work week. Details of this schedule will be discussed with your leadership. If you live more than 50 miles from the Aflac offices located in Columbus, GA or Columbia, SC, this role will be remote. This means you will be expected to work from your home, within the continental US. If the role is remote, there may be occasions that you are requested to come to the office based on business need. Any requests to come to the office would be communicated with you in advance. What does it take to be successful at Aflac? Acting with Integrity Communicating Effectively Pursuing Self-Development Serving Customers Supporting Change Supporting Organizational Goals Working with Diverse Populations Responsibilities • Lead Global Security Operations SOAR growth and maturity, actively improving our security monitoring and incident response capabilities. • Take lead in designing, implementing, developing and maintenance of the SOAR platform • Actively collaborate with Global Security teams to identify automation opportunities, create workflows and deliver fully tested automations that lead to efficiency gains. • Proactively work with security teams to identify and implement monitoring use cases, incident response procedures, playbooks and other technical documentation. • Provides ongoing engineering support for automation platform(s). • Take lead role in Post Incident Reviews and contribute to process improvement when new requirements are identified. • Act as subject matter expert in multiple security technologies and processes. • Performs other related duties as required. Requirements • Strong experience with scripting languages such as Python, Powershell and JavaScript • Knowledge of web-services such as API and REST • Experience with development in a SOAR platform • Experience with GIT or other version control systems • Hands-on technical experience with commercial SIEM products, which should include defining and writing alert queries in addition to daily use for security investigations • Familiarity with the following technologies: SIEM Active Directory Firewalls Network Protocols IDS/IPS, Pcaps Email monitoring technologies VPN and Cloud technology Open Source security tools Forensic tools • Proficiency in using Microsoft products. • Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols • Familiarity with Windows and Linux command line environments • Excellent interpersonal and communication skills, written and verbal including ability to interact with a diverse group of individuals with varied levels of understanding and authority within customer institutions. • Knowledge associated with a Case Management system • Bachelor's Degree in Computer Science, Information Systems, Cyber Security or other related field • 6+ years of IT Security analyst/engineer experience • Proven working knowledge within a Security Operations and/or Engineering, including monitoring, incident response and engineering security solutions • Vendor Management Experience to include establishing and ensuring SLA/SLO levels are met • Strong knowledge in identifying enterprise threat landscape as well as anatomy of cyber-attacks methodology • Experience interfacing with pier support teams (Security Engineering, Operations, Threat Intel, Access Management, Legal, Governance, etc • Familiarity with enterprise level information security best practices and security frameworks (i.e. Acceptable Use Policies and etc.) • Or an equivalent combination of education and experience Nice-to-haves • Technical certifications such as GCIH, GCFA, CISSP are a plus Benefits • medical • dental • vision coverage • prescription drug coverage • health care flexible spending • dependent care flexible spending • Aflac supplemental policies (Accident, Cancer, Critical Illness and Hospital Indemnity offered at no costs to employee) • 401(k) plans • annual bonuses • an opportunity to purchase company stock • 11 paid holidays • up to 20 days PTO • state-mandated sick leave