This role will work collaboratively with the MDR team to deploy and operate our systems, and help automate and streamline our operations and processes. The position focuses on building and maintaining tools for deployment, monitoring and operations, and troubleshooting and resolving issues in our dev, test and production environments.
Agio is a hybrid managed IT and cybersecurity provider servicing the financial services, health care and payments industries. The company has extensive experience supporting the alternative investment space, specializing in hedge funds, private equity firms and asset managers. Agio offers technology hosting, monitoring, management, helpdesk, disaster prevention and recovery, as well as managed security, 360° cybersecurity programs, virtual CISO (vCISO) support and cybersecurity consulting. With nearly 280 employees, the company is headquartered in New York, NY with its Network Management Center (NOC) in Norman, OK and Security Operations Center (SOC) in Raleigh, NC. For more information, please visit https://agio.com/.
- Leverage advanced knowledge of security operations, cyber security tools, and automation tools to integrate with the SIEM platform
- Automate workstreams with SOAR (Security Orchestration, Automation and Response)
- Internal-facing engineer will partner with cross-functional technical teams to share expertise and implement solutions
- Implement, manage and optimize Elastic SIEM, Beats and other components of the Elastic Stack
- Develop automation tools and processes that will support our cybersecurity engineers in building a platform that is reliable, scalable, performant and productive
- Automate infrastructure provisioning using tools such as Kubernetes
- Stay current with security technologies and make recommendations
- SIEM administration, configuration, and optimization experience with platforms such as AlienVault, IBM QRadar, ArcSight or LogRhythm
- Experience working with Elasticsearch, Kubernetes and containers such as Docker
- Linux command line experience
- Experience developing API integrations
- Experience and knowledge of public cloud environments, specifically Azure and/or AWS
- Experience working in an agile environment and a willingness to coach colleagues in agile processes and educate them in the DevOps culture of collaboration
- Experience working in a remote, team-oriented, collaborative environment
- You appreciate good documentation of procedures and have strong communication skills.
- You are passionate about building a simple, high quality infrastructure.
- BS/BA in Information Security, Computer Science or related engineering discipline, preferred
- Three years of relevant IT experience working within a DevOps environment
- Financial services industry experience is a plus
- Managed security service provider (MSSP) experience is a plus
- Certifications or work toward any of the following are not required but desirable:
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- Cisco Certified Network Associate (CCNA)
- Microsoft Certified Solutions Associate (MCSA)
- CompTIA Security+
- Azure or AWS certifications