Cybereason gives organizations the upper hand by taking an entirely new approach to cybersecurity with AI Hunting, the first AI-powered technology that answers the question “Am I under attack?” proactively, without manual effort.
We are the DEFENDERS.
Cybereason Defense Platform provides unified protection for the endpoint, across the enterprise to everywhere the battle moves.
Cybereason Endpoint Detection and Response (EDR) analyzes all activities on the endpoint and across the enterprise in real time to identify and stop malicious operations. We are looking for a strong individual who can support our best-in-class XDR platform.
The individual will have worked on big data platforms and will understand end-to-end advanced attack campaigns and kill chains, while possessing extensive knowledge and understanding of a wide range of security products. The individual may have supported SIEM products for an MSSP, manufacturer, or end user in the past. Furthermore, the engineer knows and understands the importance of a fully functional XDR platform.
Responsibilities
The Senior Support Engineer will be responsible for troubleshooting a wide range of capabilities, from product defects, configuration errors, and inbound pipeline ingestion problems to automatic correlation and AI tactic and technique mappings. A successful Senior Support Engineer is expected to take escalated cases, troubleshoot issues, and own field problems through to completion. As well as being an escalation point, the Senior Support Engineer will also be a mentor for the level 1 and level 2 support engineers. In combination, the Senior Support Engineer will also be responsible for the interaction between Google Chronicle and the XDR support team, understanding when an issue needs to be handled internally versus escalated to Google Chronicle.
In this capacity, the Senior Support Engineer will:
- Be the XDR support expert, advising customers on the 3rd-party integrations necessary to provide “full coverage”.
- Support remediation scenarios where plugin support is and is not available.
- Own escalated cases from beginning to end.
- Be the escalation point for all unsolved cases.
- Support advanced kill chain configuration scenarios.
- Be the escalation liaison between support and Cybereason RND.
- Open and maintain support cases with Google.
- Be the subject matter expert (SME) for Google Chronicle and Elasticsearch.
- Bachelor’s degree preferred.
- Minimum 3 years relevant work experience in the XDR/SIEM security domain.
- At least 2+ years of support experience working on a wide range of security products.
- Experience working with, within, or developing and implementing SOC and in-house SIEM rules.
- Passion for problem-solving: creative, comfortable with ambiguity, and being a change agent.
- Working knowledge of big data platforms such as Google Chronicle or Elasticsearch is a must.
- Certification in big data platforms such as Google Chronicle, Elasticsearch, or Splunk is desirable.
- Certification in Security/Networking such as CISSP, CISA, or other security-specific vendor/product certifications is desirable.