If you're passionate about innovation and love working in an environment where you can constantly improve and adopt new technologies to drive business results, then Nationwide's Information Technology team could be the place for you!
At Nationwide, our Technology organization has been named one of the top 100 work environments for technology professionals by Computerworld magazine for the seventh straight year. We care deeply about doing what's right, and we work hard to make an impact for everyone: our associates, our members, our partners and our communities.
We are currently seeking a Cyber Security Orchestration and Automation Engineer to support our Information Risk Management business solution area. The Lead SOAR Developer will collaborate closely with other developers to build automation playbooks that support Nationwide's Cyber Security Operations Center (CSOC).
Your responsibilities include, but are not limited to:
* Oversees team activities, revises work assignments and assigns duties to meet schedules, production goals or contract priorities
* Must be able to work independently as well as work as part of a fast-moving team
* A passion for security automation and a solid understanding of security incident response
* Integrating security systems with threat intel and threat hunting tools and solutions
* Integrate SOAR platform with other security tools and APIs to execute automated workflows
* Author, test, and maintain automation scripts/workflows within SOAR platform
* Design, implement, and maintain efficient and reusable Python code
* Measure effectiveness of process improvement and automation efforts via metrics and KPIs
* Effectively and efficiently design and implement process automations, create supporting technical documentation and redundancy controls
* Interface with Incident Response teams to design, test, and implement case management with workflow orchestration and automation
* Design, develop, and test scripts and other solutions to support CSOC mission and activities
* Accurately troubleshoot to diagnose and resolve problems with process automations, case management issues, scripts, and other custom solutions that support CSOC operations
* Identify technology and process gaps that affect CSOC services; develop solutions and make recommendations for continuous improvement
* Experience with Splunk, Splunk Enterprise Security, Splunk Phantom and/or Splunk User Behavior Analytics is a plus
* Experience planning, researching and developing security policies, standards and procedures is a plus
* Detail-oriented with strong communication, interpersonal and organizational skills
* Must participate in a 24x7 on-call rotation
* Experience with other security solutions, such as EDR, SASE, firewalls, DLP, NAC, IDS/IPS, and vulnerability assessment tools
* Knowledge of security frameworks and standards, including MITRE ATT&CK, OWASP, and NIST
Minimum requirements
What you'll bring to the role:
* Proficiency in programming and scripting languages such as Python and PowerShell, and with REST APIs
* Experience documenting security runbooks, standards, guidelines, and best practices
* Excellent communication and interpersonal skills
* Understanding of SOC and SOAR processes and workflows
* Ability to autonomously prioritize and successfully deliver across a portfolio of projects
* Expertise implementing and managing SIEM/SOAR solutions such as Splunk, Phantom, and MS Sentinel
* Strong proven experience with operating systems such as Windows, Unix/Linux, and MacOS, as well as a strong understanding of databases
* Experience developing solutions with SIEM tools (Splunk, GuardDuty, Sentinel, etc.).
* Experienced in IT administration, with broad and in-depth technical, analytical and conceptual skills.
* Experience in reporting to and communicating with senior level management on incident response topics.
Compensation: G4
Job Description Summary
If you're passionate about delivering technology solutions to support a company providing extraordinary care to its customers, then Nationwide Technology is the place for you. Our industry-leading technology workforce embraces an agile work environment and a collaborative and inclusive culture to deliver outstanding solutions and results. If that sounds like something you aspire to, we want to hear from you!
The Cyber Operations Professional sits at the frontline protecting Nationwide's members and data! You will be immersed with incident response, cyber strategy and guidance, defense optimization, and scanning and exploitation. The Cyber Operations Professional also provides enterprise services in forensic investigation, attack and penetration, vulnerability scanning and response, cyber defense, security intelligence, security operations and infrastructure risk management.
Job Description
Key Responsibilities:
1. Responds to cyber incidents using industry-recognized methodology (for example, PICERL: Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned).
2. Creates uplift of cyber security detection and alerts for ongoing prevention of Cyber Security threats.
3. Executes the automation of containment of cyber security events.
4. Manages and supports vulnerability management via tools and processes and proactively identifies vulnerabilities in the environment.
5. Plans and conducts red, blue and purple team activities to enrich detection and prevention controls.
6. Identifies critical log sources and system events used for creation and tuning of cyber security detections.
7. Leads and develops initiatives as part of the overall cyber operations strategy.
May perform other responsibilities as assigned.
Reporting Relationships: Reports to Manager, Risk Leader or above.
Typical Skills and Experiences:
Education: Undergraduate studies (bachelor's degree preferred) in cyber security, management information systems, engineering, math, computer science, data analytics or comparable experience and education strongly preferred. Graduate studies in cyber security, computer science or a related field are a plus.
License/Certification/Designation: Preferred certifications include: Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Ethical Hacker (CEH), GIAC Certified Intrusion Handler (GCIH), Digital Forensics Investigation: EnCase Certified Examiner (EnCE) certification, GIAC Strategic Planning Policy and Leadership (GSTRT), GIAC Security Expert (GSE), Certified Cloud Security Professional (CCSP), AWS Certified Cloud Practitioner, AZ500.
Experience: Six or more years of experience in Technology, with four or more years in Cyber security. Experience using Windows and Linux/Unix operating systems, administration and tools. Successful candidates will also have experience with network configurations, protocols, scripting, web application security, network security, firewalls, and network topology from both physical and logical viewpoints, scripting in PowerShell, Python, Bash and Windows Batch.
Knowledge, Abilities and Skills: Ability to make decisions and recommendations. Aptitude to influence, build partnerships and set priorities. Excellent communication skills to interact with all levels of associates, senior management and/or vendors. Insurance/financial services industry knowledge a plus.
Other criteria, including leadership skills, competencies and experiences may take precedence.
Staffing exceptions to the above must be approved by the hiring manager's leader and HR Business Partner.
Values: Regularly and consistently demonstrates the Nationwide Values and Guiding Behaviors.
Job Conditions:
Overtime Eligibility: Exempt (Not Eligible)
Working Conditions: Normal office environment.
ADA: The above statements cover what are generally believed to be principal and essential functions of this job. Specific circumstances may allow or require some people assigned to the job to perform a somewhat different combination of duties.
EQUAL OPPORTUNITY EMPLOYER:
Nationwide is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive culture where everyone feels challenged, appreciated, respected and engaged. Nationwide prohibits discrimination and harassment and affords equal employment opportunities to employees and applicants without regard to any characteristic (or classification) protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Columbus, OH
Nationwide Mutual Insurance Company, together with its subsidiaries, provides insurance and financial services for individuals and businesses in the United States. It offers homeowners, renters, condo, private client, flood, auto, motorcycle, snowmobile, car, ATV, RV, boat, personal watercraft, scooter, life, pet, dental, umbrella, identity theft, accident, specialty liability, travel, and wedding insurance products; investment and retirement solutions, such as annuities, mutual funds, exchange traded funds, life insurance, and retirement plans; and banking services, including checking, savings, individual retirement, and money market accounts, as well as certificates of deposit; mortgage, factoring, and equipment financing services; and home, auto, and personal loans.
The company also provides business insurance products comprising business owner’s policy, liability, auto, workers' compensation, property, and excess and surplus. In addition, it provides back-office administrative support services, pensions, and long-term savings plans. The company was formerly known as Farm Bureau Mutual Automobile Insurance Company and changed its name to Nationwide Mutual Insurance Company in 1955. Nationwide Mutual Insurance Company was founded in 1925 and is headquartered in Columbus, Ohio.