At Rockstar Games, we create world-class entertainment experiences.

A career at Rockstar Games is about being part of a team working on some of the most creatively rewarding and ambitious projects to be found in any entertainment medium. You would be welcomed to a dedicated and inclusive environment where you can learn and collaborate with some of the most talented people in the industry.

Rockstar New York is looking for a dedicated SOAR (Security Orchestration, Automation and Response) Engineer to assist in driving our various security initiatives. The engineers are the primary technical resource for developing automation and response to detect, resolve and mitigate cyber security attacks within the SIEM . The successful candidate(s) will possess expertise on advanced data analytics, scripting, and development, and be able to work with the security teams.

The successful candidate is committed to keeping our games/services and users secure through defense and automation against hackers, exploiters, any and all troublemakers. If you consider yourself an expert and champion in SOAR automation, Purple Teaming, active hunting, security monitoring, security operations or any other security focused matters, this may be the job for you. This is a full-time permanent position based out of Rockstar’s unique game development studio in New York City..

WHAT WE DO

• The Rockstar Security team is responsible for protecting our internal systems, players, employees, and intellectual property.
• We support all Rockstar titles including Grand Theft Auto V and Red Dead Redemption from malicious actors and insider threats.
• We work closely with many teams on enforcing and supporting our security monitoring platforms.

RESPONSIBILITIES 

• Work in partnership with the internal security teams to design to identify opportunities for improvement.
• Develop, and implement automations for detection and response.
• Build new rules for existing data to enhance monitoring and alerting.
• Write automation in the SOAR to accelerate IR activities (Python, Bash, Powershell, Javascript).
• Identify log sources needed for collection for both Security and Compliance for the SIEM.
• Perform cleanup and sanitation of incoming log sources and events.
• Drive efforts to improve and further build out security monitoring tools.
• Auditing current rules for gaps in coverage and improving existing ruleset.
• Be the subject matter experts on the SOAR Platform and automation.
• Document all system changes in line with best practices for change management.
• Recommend, develop, and release new Use Cases to maximize the benefits and efficiencies from a SOAR platform.
• Support the day-to-day operations of the Security Operations program.
• Maintain knowledge of current security trends and be able to clearly communicate them to the team.
• Create reporting relevant to measuring the success of the program.
• Assist in conducting deep dive investigations, as required.
• Prepare detailed reports related to investigations and intelligence analysis.
• Assist in responding to emergency situations and security incidents.
• Develop and maintain incident response management policies and procedures.

QUALIFICATIONS 

• Experience with Splunk, Palo Alto/Demisto XSOAR, Splunk Enterprise Security or other SOAR platforms.
• A passion for security automation and a solid understanding of security incident response.
• Proficiency in programming and scripting languages common to security such as Python, Go, Bash, or Powershell, Javascript.
• Knowledge of security frameworks including MITRE Att&CK, NIST, etc.
• Working experience and knowledge of operating systems (e.g.: Windows, UNIX/Linux).
• Have a solid understanding of common vulnerabilities associated with operating systems and applications.
• Ability to perform network protocol analysis and raw data capture.
• Hands-on experience with various SIEM technologies.
• Hands-on experience with various SOAR technologies.
• Linux knowledge.

SKILLS

• Must be able to work independently as well as work as part of a fast-moving team.
• Ability to meet deadlines, time constraints, and periodic requirements.
• Experience planning, researching, and developing security policies, standards and procedures is a plus.
• Ability to learn and retain extremely technical information on multiple products.
• Detailed-oriented with strong communication, Interpersonal and organizational skills.
• Self-starter: ability to motivate others.
• Intense thirst for knowledge.

HOW TO APPLY

Please apply with a resume and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process.

Rockstar is proud to be an equal opportunity employer, and we are committed to hiring, promoting, and compensating employees based on their qualifications and demonstrated ability to perform job responsibilities.

If you’ve got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, or race.