Job description
We seek a Threat Hunter / Threat Engineer for our client. In this role you will navigate the complexities of offensive cybersecurity operations, pushing boundaries and exploring uncharted territories.
Requirements:
10+ years of cyber security experience (preferably focused on detection, malware analysis, incident response, and/or threat intelligence)
5+ years of experience leading security practitioners and detection functions
Knowledge and experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments, along with experience working with Security Information and Event Management (SIEM) solutions
Experience with incident response in cloud environments in Azure platforms would be great to have.
Experience coordinating with DevOps and Application Security teams to drive enhancement of preventative and detection capabilities.
Proven experience in coordinating Incident Response activities, or working in a SOC environment, or performing forensics in an enterprise environment.
Prior experience with threat indicator management platforms
Strong scripting experience with languages such as PowerShell, Python, GoLang, Ruby, etc. for analyzing malware
Advanced knowledge of common operating systems, services, networking protocols, logging, attacker techniques and tools
Prior operational experience leveraging threat intelligence to detect and respond to adversaries as well as established experience in new threat detection.
Expertise in tools and techniques for analyzing large sets of data
Perform software testing (patches, other updates) and troubleshoot OSI-layer and TCP/IP-related problems, etc.
Integrate security products, including designs for all organizational networks, as well as designing, engineering, planning, integrating, configuring, testing, and deploying them
Responsibilities:
You will drive our detection strategy, having an ownership role in our future direction in this critical capability
Work with threat intelligence, detection engineering and security controls team to build a holistic lifecycle around incident preparedness and resolution
Help our customers understand how cyber threat intelligence fits into their organization, whether as a core part of their mission or as an important function in their security organization
Perform analysis of all security system log files; review and keep track of triggered events; research current and future cyber threats; reconcile correlated cyber security events; develop and modify new and current cyber security correlation rule sets; and operate security equipment and technology
Collaborate closely with our cross-functional teams, stakeholders and Customer Advisor teams to facilitate positive outcomes for internal and external customers
Drive innovation for our products and services to streamline processes, improve reliability and efficacy of our tools, and reduce noise