Cyber Security Engineer

Position Description

The Cyber Security Technology Engineer position at Ally is a member of the Information Protection and Risk Management (IPRM) team and reports to a Manager of Cyber Security Technology. The Engineer works with a team to design and implement technical controls and tools to meet specific security requirements and defines processes and standards to ensure that security configurations and tools are maintained.

Job Responsibilities

The Cyber Security Technology (CST) engineer will support engineering solutions for Ally Endpoint Security efforts. Under direction from their manager and in-line with stated strategic objectives, the CST engineer will work with other engineers to successfully design and implement enterprise quality and standards-oriented project solutions on-time and on budget. The engineer will also be responsible for ongoing incremental engineering required to continuously achieve the best coverage and operation of the technology and will assist in troubleshooting system degradations and outages if required. Some (but not all) of the primary responsibilities the role will be primarily involved with are as follows:

Provide technical assistance for an enterprise client security health and standardization effort.

Creation and maintenance of security client enterprise deployment standards as part of the overall client health initiative.

Administration of employee monitoring and forensics infratructure (e.g., maintenance, configuration and monitoring)

Identification and resolution of incidents impacting the health of endpoint security clients or related components

Experience working with packaging and deployment technologies, including a deep technical understanding of well-designed deployables, staged deployments, packaging technologies for multiple operating systems, and unified automation strategies for maintaining the health of those clients.

Troubleshoot client health issues and work to maintain a standard for security client health.

Assist with efforts to improve automation and response activities regarding security client related incidents

Participate in developing and providing operational documentation to ensure a well-managed and mature security infrastructure, security packaging and automation standard.

Perform other duties and/or special projects as assigned

Technologies sets the role may secondarily support are as follows:

Data Classification tooling

Data Loss Prevention Solutions

Key and Certificate Management solutions

Mandatory Qualifications

Outstanding problem-solving and troubleshooting skills with a strong attention to detail and standards.

Minimum 7+ years of direct experience creating, troubleshooting, and debugging Windows Installer packages (tables, custom actions, etc.) via tools such as InstallShield (7 years).

Experience creating and troubleshooting enterprise-class Linux RPMs or standardized packages for multiple distributions (4 years).

Working knowledge of the Apple MacOS .pkg packaging standard and corresponding OS technologies (3 years).

Working knowledge of Microsoft Endpoint Configuration Manager (MECM/SCCM), Ansible and/or JAMF (3 years).

Knowledge and experience creating and maintaining policies, standard operating procedures (SOPs) and technical documents

Cross-functional understanding of security operations, security practices and the user experience

Experience developing support and standards documentation (e.g., detailed security implementation and deployment plans, test plans, and security-focused operational procedures and training materials)

Must be willing to work after-hours and weekends when technical issues arise which require immediate resolution

Desired Qualifications

Deep knowledge of PowerShell, bash/zsh scripting, Windows batch files. Python is not needed. (5 years)

Intermediate knowledge of SQL scripts for Oracle and MS SQL (3 years).

Experience creating enterprise-class PowerShell scripts working with multiple application APIs as part of a workflow or orchestration runbook (3+ years).

Understanding of performance counters and performance metrics for Windows, Linux and MacOS. (2 years)

Exposure to or working experience with an operational orchestration engine or workflows using standardized modules and enterprise database back-end for reporting and tracking of client health across OS platforms.