Senior Security Engineer - Cyber Defense (Remote Eligible)

What You'll Do

• Analyze threat intelligence data to understand adversary tactics, techniques, and procedures (TTPs).
• Rapidly analyze threat intelligence information within the context of the organization to assess potential risks, impact, and prioritize Security Incidents or important threat intelligence.
• Conduct threat hunting activities to identify and mitigate cyber threats.
• Collaborate with internal teams to enhance threat detection and response capabilities.
• Monitor and analyze security alerts from various sources to identify potential threats.
• Provide recommendations for improving security posture based on threat intelligence and hunt findings.
• Act as a senior technical resource in developing processes to proactively monitor, detect, and respond to security threats, including the ongoing refinement and enhancements of security controls and configurations for security monitoring systems.
• Monitor information security systems, alerts and indicators of compromise used to protect the network from attacks and identify compromised systems.
• Collaborate with Incident Responders to identify, develop, and implement incident response processes and procedures to mitigate security risks.
• Lead, develop, and mature the cyber threat intelligence function of the SOC.
• Identify, advise and contribute to system and alert tuning to ensure security related events are properly prioritized and addressed.
• Contribute to the ongoing development and enhancement of Cyber Threat Intelligence handling and associated CTI playbooks.
• Contribute to the execution activities in the areas of security risk identification, analysis, classification, and mitigation strategies.
• Advise customers on security requirements, internal security policies, and security best practices.
• Provide training and support related to security incidents, intelligence, and requests to other members on the team.
• Identify/receive problem, research alternatives, prepare analysis and determine best remediation actions to address issues at hand.
• Conduct risk assessments, interview internal and external customers to gain technical knowledge of security/compliance requirements.
• Develop and maintain threat intelligence reports and briefings; research and analyze data, report trends and vital information to management/business partner.
• Keep abreast of industry advancements and incorporate that knowledge into daily work activities.
• Research and stay abreast of emerging technologies, new vulnerabilities and exploits that may compromise internal systems.
• Track, analyze, and report security metrics and propose counter measures to address security trends that are not in line with company’s desire risk profile.
• Contribute to the evaluation, testing and implementation of new security systems and processes.
• Asist internal audit and disaster recovery activities as needed.
• Develop and maintain documentation for all assigned responsibilities.
• Required to perform duties outside of normal work hours based on business needs.

What You'll Bring

• Familiar working in a Security Operations Center (SOC) environment, using and analyzing alerts from various systems such as SIEM, Cloud Services, Email Security Gateways, Endpoint Security.
• Knowledge of query languages for the purposes of AD-Hoc threat hunting, confirming detection controls, and deploying new use cases in response to emerging threats
• Understanding of operational security best practices and use of common security technologies
• Experience in implementing Information Security technologies and/or processes
• Experience collecting, analyzing, and actioning cyber threat intelligence
• Experience delivering cyber threat intelligence briefings to various audiences
• Experience in product evaluations and analysis
• Excellent written and verbal communication skills
• Excellent interpersonal, relationship-building and teamwork skills
• Self-motivated; self-starter
• Ability to manage multiple tasks, respond quickly to emergent problems, and focus both on long-range projects and immediate tasks
• Proficient in Microsoft Word, Excel and PowerPoint
• Generally, requires a BS Degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering, or equivalent work experience
• Must have minimum 5+ years information security experience
• 2+ years of consecutive hands-on experience working in a SOC environment, utilizing industry leading network security monitoring technologies, application, web, database and Security Event and Information Management (SIEM), IDS/IPS, endpoint, email security gateways and DLP technologies.
• Certifications: Security+, GIAC, CEH, OSCP, CISSP preferred