Expert Cyber Security Analyst - Threat Hunter at Adobe
Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.
We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!
Adobe is looking for expert threat hunters to play an active role in detecting sophisticated cyber threats to our global commercial enterprise networks. Cyber threats are evolving, and perimeter security and automated protection are not enough—it’s time to go threat hunting! Adobe needs advanced threat hunters with a strong foundation in managing, attacking, and/or defending cloud-based infrastructure. Threat hunting is a proactive security search through large datasets to seek out malicious or suspicious activities that existing tools may not be suited to detect and remediate. Rather than sit back and wait for threats to strike, threat hunters understand the behaviors of threat actors and actively seek to find sophisticated adversaries. Cyber threat hunting aggressively assumes that a breach has occurred or will occur, and hunts for threats rather than deploying the latest tool.
What You Will Do:
In this role, you will be responsible for helping to design, build, and deliver major components of Adobe’s cloud and corporate threat hunting strategy. You will also advise on critical security design aspects, policy adjustments, and architectural transformations that will have lasting impact on Adobe’s global security posture. You will have the opportunity to design innovative detective, preventative, and proactive controls while developing new and novel detection techniques to identify and stop sophisticated adversaries. You will also be working in concert with data scientists to build, improve, and evolve analytical models. We look to you to provide leadership and mentorship to the team and act as a resource for other team members. You will conduct proactive and iterative hunts through cloud and enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools.
What You Will Need to Succeed:
- Deep understanding of internals and constructs of Linux, MacOS and Windows
- Experience in administering, attacking, or defending Cloud/AWS/Azure/GCP
- Excellent at writing complex searches or analytics for popular SIEM solutions
- Deep understanding of a variety of logs coming from cloud, network or endpoint devices
- Expert-level understanding of advanced attacks and defense techniques
- Advanced knowledge of TCP/IP networking, and network services such as DNS, SMTP, DHCP, etc.
- In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS
- Proficiency in bash and at least one interpreted programming language (Python, Ruby, etc.)
- Teamwork and the ability to promote a working environment that increases collaboration, predictability, and clarity and fosters a culture of experimentation, innovation, and trying new things
- Relevant security certifications (OSCP, OSCE, GPEN, GDAT, GXPN, GREM, GNFA, GCFA, CCTHP)
- U.S. Federal contract requirements apply