Network Security Systems Engineer (Intrusion Detection)

Your Opportunity This opportunity is a senior level technical position supporting network security technologies. This role is part of the Cybersecurity Engineering organization at Schwab. This team, known as the Production Delivery Engineering team, is responsible for installing, configuring, monitoring, troubleshooting, case escalation, case management and problem resolution for assigned security technologies in support of the Security Operations' mission. In addition, the individual will be responsible for working with peers to resolve long-term strategy for the solution, and documentation of existing and new capabilities. Our team objective is to support the Schwab Cybersecurity vision through the execution of services in the following major security areas: Monitoring, Risk Analysis, Incident Response, Identity and Access and Security Integration Engineering. What you are good at

• Comfortable working and communicating multi-functional teams and internal business partners.
• Will be the point of contact for all technical support issues.
• Being the connoisseur for technologies such as full packet capture, network intrusion and netflow anomaly detection types of tools.
• Understand the SOC's operational and sustainment methodologies and processes and ensure their needs are met.
• Partner with the Security Information and Event Management, Security Operations and Automation teams in developing new security content use cases.
• Assist with closing visibility gaps identified through regular automated testing and help design tests for new content.
• Craft how your security tool can be harnessed more effectively to detect industry recognized Mitre Att&ck Framework attack methods.
• Security tool administration, automation, documentation, end-user training, and engineering.
• Participate in team on-call rotation and other duties as assigned.

• A minimum of 2 years' experience as authority for a network security technology in addition to a degree in network or telecom engineering, BS/BE degree in computer science, cybersecurity or related IT fields, or 10 years of related IT experience.
• Understanding of data security practices and NIST guidelines.
• Experience in designing and maintaining security systems.
• Strong scripting skills with a focus on system administration, task automation and security engineering on the Unix OS platform.
• Hands-on experience deploying and administering various applications in an enterprise environment utilizing a Dev, Test, Prod and Disaster Recovery/High Availability model is required.
• Experience with computer system administration including the ability to configure and resolve complex security issues within an enterprise in a geographically dispersed environment.
• Experience integrating technologies with a SIEM using RestAPI for data transmission.
• Security Tool Engineers are expected to understand how the tools they handle can be used to identify and address security concerns and to suggest these uses to the organization.
• Solid grasp of Infrastructure Security and its impact on Security Operations, vulnerabilities, reporting, analytics, and monitoring.