Security Engineer

Region: Shelton, CT Ready for a fresh, new career? Look no further because one of the world’s most iconic brands can help you get there. Why Join Us? At Subway, “better” is baked into our DNA. We are a brand that believes in continued improvement … in our lives, our businesses, and our planet. From the handshake that started our very first sandwich shop to earning our position as one of the world’s leading restaurant brands, we’ve always embraced change and the path ahead. And today, we're making better living way easier. Our purpose is about more than the food we serve in our restaurants. It’s centered on fueling healthy businesses and healthier lives. It is one of the most exciting times to join the Subway team and contribute to our transformational journey. About the Role: We have an exciting opportunity to support our Information Security team as a Security Engineer based in Shelton, CT. We are seeking an experienced, highly skilled Information Security Engineer to serve a foundational role in building, implementing, and managing our threat detection capabilities or opportunities. An ideal candidate for this role is curious, accountable, motivated, and proficient in their craft. Applicants are adept with event data management and telemetry controls for networks, operating systems, software, data systems, CI/CD and VCS, SaaS and various Enterprise technologies. An ability to skillfully apply analytical logic and engineering techniques for the purpose of detecting threats throughout the entire Cyber Kill-Chain is desired. This role necessitates a challenge-seeking mindset, with an intuitive sense of urgency and an ability to adapt quickly to threats while operating well-organized, mature engineering practices. Collaborating both laterally and vertically in the department is a crucial aspect of this role. The Security Operations and Information Security department consists of high-performance, adaptive, and creative team members. As a member of the team, a desire for seeking opportunities of contribution and knowledge building is an important purpose of your role. If you feel that this is the role for you, and you are successful with your application, be ready to be Bold, Empowered, Accountable, and ready to have Fun in a fast paced and agile working environment.   Responsibilities include but are not limited to: Subject matter expert in interpreting SIEM, EDR and other telemetry tooling events, facts or observations.  Analyze patterns and behaviors in a variety of data flows and events from networks comprised of NGFW, cloud service provider resources, and edge network infrastructure.  Perform reverse engineering of complex behaviors and scenarios within Windows operating systems of a global Enterprise environment.  Manage threats using industry best practices and platform controls such as Microsoft 365 workforce software, messaging, email, endpoints, data protection and access controls.  Perform analysis and examine timeline observations to confirm any threats from weakness or attack within cloud service provider systems such as Azure and AWS.  Provide Incident Response support and serve as an escalation point for SOC Analyst triage workflows and threat validation.  Design, build and manage new detection capabilities in cybersecurity toolkits.  Routinely apply feedback and results from threat detection to improve accuracy.  Measure the progress and efficacy of our threat detection capabilities to meet objectives.  Research and test methods to proactively reduce threats through innovative techniques and automation opportunities.   Qualifications (some examples listed below): Bachelor's degree in a related field required. Ability to assess exposure to threats in practical terms for impact and prioritization of detection engineering.  Expertise in Enterprise systems operation (such as Microsoft 365, Azure DevOps, GitHub, Amazon Web Services, and Okta IDaaS) and an ability to discover their potential threats to develop new capabilities for detection.  Expertise in networking topics such as the OSI stack, TCP/UDP protocols, OSPF/BGP, access controls, and NGFW (Palo Alto) threat management.  Expertise in endpoint threat detection and response (such as Carbon Black, CrowdStrike and Microsoft Defender). Expertise in cloud threat detection and response (such as Microsoft Defender for Cloud, AWS GuardDuty, Dynatrace and Wiz).  Expertise in software release management and CI/CD processes (such as ServiceNow ITSM, Azure DevOps and GitHub).  Utilizing threat intelligence signals for improving detection capabilities.  Keen sense of urgency and ability to thrive in high-energy and rapid response situations.  Strong knowledge of sensitive data types and terminology in Data Management and Data Governance.  Strong knowledge of offensive and defensive cybersecurity practices and routines.   What do we Offer?   Insurance Plans (Medical/Life) Pension/401K/RSP (country specific) Competitive Bonus Mobility Allowance Tuition Reimbursement Company Holidays Employee Resource Groups Volunteering time And Many More…..     The Company is only considering applicants who are currently authorized to work in the country the position is based. AA/EOE/M/F/D/V   Actual pay is determined based on a number of job-related factors including skills, education, training, credentials, qualifications, scope and complexity of role responsibilities, geographic location, performance, and working conditions.