Senior Security Engineer, Anomaly Detection

工作概要:

Who We Are

We are seeking a skilled and experienced Senior Security Engineer with a specialization in threat hunting to join our our GIS Anomaly Detection Team. In this role, you will be responsible for proactively identifying and mitigating security threats across the enterprise. Your expertise in threat hunting will be crucial in detecting anomalous and malicious activities before they can impact our systems and data. You will work closely with various teams to develop and refine security measures and contribute to the enhancement of the company’s overall security posture.

What You Will Do

• Threat Hunting: Lead and execute advanced threat hunting initiatives to proactively identify and investigate potential security threats, vulnerabilities, and malicious activities within the enterprise environment.

• Detection and Analysis: Utilize advanced tools and techniques to analyze security data, detect anomalies, and assess potential threats.

• Rule Development: Work closely with the threat detection team to create and enhance security rules and detection signatures. Focus on developing use cases for comprehensive threat detection and ensure the automation of detection processes to improve efficiency and accuracy.

• Cyber Threat Intelligence Collaboration: Partner with the CTI team to integrate threat intelligence into detection and hunting processes. Use threat intelligence to inform and enhance threat hunting activities, identify trends, and adapt strategies to emerging threats.

• Incident Response: Collaborate with the incident response team to provide expert analysis and recommendations during security incidents. Contribute to the development of incident response plans and procedures.

• Collaboration: Work closely with various departments and segments to enhance security measures and ensure a unified approach to threat detection and response. Collaborate via various means, including but not limited to messaging, email, and video calls. Share insights and findings to improve overall security posture and stay up-to-date with cybersecurity trends. Propose improvements to security practices and tools.

• Continuous Improvement: Stay up-to-date with the latest cybersecurity trends, threat intelligence, and emerging technologies. Propose and implement improvements to security practices and tools based on evolving threat landscapes.

• Documentation and Reporting: Maintain comprehensive documentation of threat hunting activities, findings, and recommendations. Prepare detailed reports for stakeholders and management.

Must Have

• 5+ years of experience with a focus on threat hunting or incident response

• Experience working with large enterprises or cybersecurity firms

• Solid understanding of cybersecurity frameworks and standards (e.g., MITRE ATT&CK, NIST)

• Proficiency in at least one scripting language (e.g., Python, PowerShell, Bash)

• Experience with threat intelligence platforms and SIEM systems

• Familiarity with endpoint detection and response (EDR) tools

• Basic knowledge of network traffic and Operating System analysis

• Effective communication skills for conveying findings to technical and non-technical stakeholders

• Relevant certifications or equivalent training, such as CISSP (Certified Information Systems Security Professional) or GIAC GCIH (GIAC Certified Incident Handler)

Nice To Have

• Experience with advanced persistent threat (APT) investigations

• Experience in red teaming operations, including penetration testing and vulnerability assessments

• Experience in kill chain analysis, network traffic analysis, Active Directory and Operating System analysis

• Experience with cloud security and securing cloud environments (e.g., AWS, Azure, Google Cloud)

• Ability to mentor junior team members and present findings to executive leadership

• Additional training in advanced threat hunting methodologies and cybersecurity tools

Education

• Bachelor’s degree in Computer Science, Information Security, or a related field, OR relevant certification and experience.

The hiring range for this remote position is $117,998-$182,050 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.