Job Details

Senior Security Engineer - Threat Intelligence

NEW YORK-10009, NY, US
10/16/2019

Required Skills

    Network IDS
Company

Infinity Consulting Solutions, Inc

Experience

-

Job Description

Our client is a financial, software, data, and media conglomerate that has been an industry leader for the past 20+ years. They are currently looking to add a Security Engineer - Threat Intelligence to their CISO's team in midtown NY.

The Cyber Security Operations Center (CSOC) works to understand the cyber threats we face as an organization, develops instrumentation for detection and monitors events 24x7 looking for suspicious activity.

If an incident is confirmed, our goal is to respond effectively to reach the best outcome in a timely manner ensuring appropriate stakeholders are involved as required.

We report into the CISO, but work closely with Engineering, Legal, Compliance and many others across the organization to help unify security event management and incident response.

Our colleagues depend on us to be incident response pros that have a deep understanding of IT networks and systems.

On any given day we analyze cyber security events, hunt for suspicious activity, research and disseminate threat intelligence, create / improve detection rules and create / automate response procedures.

What's the Role:

As a Security Engineer within the CSOC, you'll be responsible for the development of new methods and tools to detect suspicious and malicious events occurring on our networks and systems.

This involves the analysis of raw security events and data emitted from various host and network sensors in our environment.

You will also be expected to analyze new threat intelligence reports for use in threat hunting and new detection efforts and respond to incidents providing expert level analysis of file, host, and network artifacts.

You'll need to have:

A passion for exploring and parsing data; analyzing and developing new methods to detect the latest attack techniques and tactics used by adversaries.

Prior experience creating and refining detection rules leveraging enterprise search products.

The desire to analyze threat intelligence to extract TTPs and Indicators and leverage them in new detection and hunting efforts.

Previous experience with deep file, host, or network level analysis.

A solid understanding of Windows, Linux, and Mac operating systems.

Previous experience with enterprise search technologies such as Splunk and Elastic Stack (ELK).

Experience with scripting and automation (Python preferred) and working with data formats such as JSON and XML.

We'd Love To See:

Deep knowledge of Enterprise network and host security controls and detection techniques.

A background in attacker tools and techniques leveraged against enterprise environments.

Experience performing malware analysis and/or protocol analysis.

Prior experience performing threat hunting operations.

Prior experience with Red Team/Blue Team and/or Purple Team exercises.

Experience with Endpoint Detection and Response (EDR) tools, e.g. osquery, Sysmon, Carbon Black, Tanium, Falcon, etc.

Experience with Network IDS, protocols, filtering and packet capture devices, e.g. Snort, Suricata, NetWitness, Bro, etc.

Familiarity with development processes and environment tools such as Git, Jira, and JupyterHub/Jupyter notebooks.


Security Architect
Information Technology

No Preference
FullTime Job
Other
1

Candidate Requirements
-
Bachelors

Walkin Information
-
10/10/2019
-

Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY
-