Cyber Security DevOps Engineer (Insider and Digital Forensics)

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

• Infrastructure & Automation: Accountable for assisting the Insider Risk and Digital Forensics team in managing, building, and maintaining security tools and infrastructure that support Enterprise Cybersecurity with a focus on automation to aid in efficiencies and to enable senior security team members to focus on advanced tasks.
• Blue Team: Accountable for assisting in the execution of blue team exercises under the supervision of senior team members where needed.
• Security Research: Accountable for regularly monitoring the security community for, and researching, the latest assessment and exploit methodologies and sharing the information back to the team in the form of informal reports, newly written tools and/or attack techniques.
• Reporting: Accountable for preparing and delivering quality security information that comprehensively and clearly explains risk, demonstrates findings, and offers tactical and strategic recommendations to both technical and non-technical internal clients.
• Communication: Effective and professional communication of a variety of topics, including technical and non-technical information, to a wide variety of internal and external customers.
• Ad Hoc Incidents: Work in tandem with architects, the security operations center, incident responders, and technology infrastructure and development team members as necessary.
• Training: Attend training to stay current with technology and security trends.
• Metrics: Accountable for working with select team members to track, monitor, and report testing results in a meaningful way so that risk-based security metrics are delivered to the enterprise.

• Bachelor's or Associate's degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field or relevant experience
• 1-3 years of professional experience required
• Highly technical and analytical hands-on experience in prior professional, educational, or personal projects
• Capable of developing detection mechanisms against security threats
• Understanding of various attack methods and countermeasures
• Understanding of various security logs (SIEM, firewalls, proxies, active directory, etc)
• Understanding of networking concepts such as DNS, IP, NAT, VLANs, subnetting, etc.
• Experience with both Windows and Linux operating systems. Including familiarity with the command line
• Understanding of applicable frameworks including the "OWASP Top Ten" and MITRE ATT&CK
• Understanding of the OSI Model, web and network protocols such as TCP, UDP and HTTP/S
• Competency with one or more scripting/programming languages such as Python, JavaScript, Java, Ruby, Go, PowerShell, Bash, C#, C/C, etc.
• Fundamental understanding of cryptography controls and underlying concepts to secure data
• Fundamental knowledge of defense-in-depth design and operational concerns
• Ability to independently identify and resolve issues through effective problem-solving skills
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious, and adaptable
• Ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners
• Proven interpersonal savvy with demonstrated tact and diplomacy
• Strong written and verbal communication skills with the ability to interpret and fully explain the impact of vulnerabilities as well as any recommended remediation to multiple knowledge levels

• Collaborative team first environment
• Tons of room for career growth.
• We offer highly competitive compensation, including annual bonus opportunities
• Medical/Dental/Vision plans, 401(k), pension program
• We provide tuition reimbursement, commuter plans, and paid time off
• We provide extensive Professional Training Opportunities
• We offer an excellent Work/Life Balance
• Hackathons/Dedication to Innovation