Engineer (Network Visibility)
What We'll Bring: Summary
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation – we’re consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our Information Security team – you’ll work with great people, pioneering products and cutting-edge technology. As a Lead Engineer at TransUnion, you will be a part of our Network Security team to increase our current network visibility, which is key to meeting and providing the metadata, packet capture and retention aspects for cyber security and threat detection across the enterprise. In addition to on-premises visibility tools, you will have the opportunity to contribute to technology modernization by moving network visibility tools to a variety of cloud solutions such as AWS, Azure, Google Cloud and the like. This is also a great opportunity to leverage your programming experience in the security domain.
What You'll Bring:
- Assist with the global architecture and deployment of Network Detection & Response (NDR)/forensic tools, working in close conjunction with security architecture, vendors and internal stakeholders.
- Perform hardware capacity planning, identify network paths and capture needs, assess data retention, optimize the NDR platform, perform upgrades, integrate with monitoring/alerting tools and troubleshoot issues.
- Act as an escalation point for the Network Visibility team to assist and advise on the most complex issues associated with network visibility. Provide Tier 1/2 engineering support as needed.
- Agile project planning & delivery.
- Work in close collaboration with other sub-teams within network security and internal/external stakeholders.
- Experience and knowledge of leading, implementing and testing forensic tools like ExtraHop and NetWitness in on-premises and cloud environments.
- In-depth understanding of networking protocols and the ISO model (Layer 1 to Layer 7), and great knowledge of network firewall concepts and configuration. Strong network skills, including an understanding of VLANs, subnets, VPN concepts, packet captures (PCAP) and metadata.
- Strong triaging and troubleshooting skills.
- Strong knowledge of Information Security concepts, risk identification, assessment and reporting activities.
- Ability to support the development of information security awareness training materials.
- Support developing incident response plans. Ability to improve effectiveness in incident response practices. Be a champion of continuous improvement initiatives.
- Good understanding of the Linux command line and Bash scripting.
- Able to conduct research and support development of information security policies, standards, procedures, and/or guidelines.
- Ability to demonstrate technical knowledge and consultative skills.
- Strong communication skills, with the ability to communicate with technical and non-technical audiences. Able to perform parallel tasks, a quick learner, and a team player.
- Basic understanding of Agile for planning project work.
- Bachelor’s degree in Engineering, Computer Science or Information Technology
Impact You'll Make:
We’d love to see:
- 2+ years as a security engineer
- 3+ years of networking experience, including designing, configuring and optimizing network visibility as it relates to network forensics data capture, and providing support to the Cyber Threat team at an enterprise level.
- 3+ years of experience with network protocols and the ISO model (Layer 1 to Layer 7).
- 2+ years of working in a Security Operations Center (SOC) & tier 3 support
- 1+ years of experience working on projects with agile methodologies.
- 1+ years of experience with cloud technologies like AWS, Azure, GCP.
- Certifications: CCNA R/S, CCNA Security, CompTIA Security+, CISSP, AWS, Azure, etc.
- Experience with cloud automation in the security domain. Experience with security programming using REST APIs, and automation and scripting using Perl, Python, Ruby, Ansible and Terraform. Strong DevOps experience.
- Experience with SAFe for agile execution.
Additional Job Description:
- In the first 90 days – Ramp up on project specifics and contribute to forensic tool deployments and troubleshooting. Participate in solution architecture to move visibility tools to the cloud.
- Beyond 90 days – Implement strategies to improve network visibility, working independently across TU regions with support from local resources. Participate in Tier 1/2 support activities and BAU as needed. Work with the SOC as needed. Assess global visibility gaps and propose solutions.
TransUnion Job Title: Engineer, Info Sec Engineering