You will hunt for cyber threats in our networks using our suite of cyber tools. You will use your understanding of attack vectors to seek out threats looking to exploit those networks to gain unauthorized access to our sensitive data. This position requires creative thinkers who are able to develop and field new methods for detecting malicious activity. This is an opportunity to take a new approach to cyber defense and help us build a world class threat detection organization.
- Windows/AD file systems, registry functions, and memory artifacts
- Unix/Linux file systems and memory artifacts
- Mac file systems and memory artifacts
- Database, web application, cloud, and/or mobile device cyber incident response principles and techniques
- Cybersecurity automation
- Security Information and Event Management (SIEM) utilities (e.g. Splunk, QRadar, etc.)
- Application, service, and machine log analysis
- Common application-layer protocols (e.g. DNS, HTTP, TLS, SMB)
- Network traffic metadata extraction and analysis using common packet capture utilities (e.g. Wireshark, tcpdump, Bro/Zeek, Snort, Suricata, etc.)
- Malware analysis using sandboxes or other capabilities
- Knowledge of Advanced Persistent Threat (APT) actors and associated tools, techniques, and procedures (TTPs)
- Experience with open-source and proprietary Cyber Threat Intelligence data, to include the use of threat taxonomies, models (e.g. MITRE ATT&CK), and Indicators of Compromise (IOCs)
- Experience with one or more scripting languages (Bash, Python, Perl, PowerShell, etc.)
- Experience managing cases with enterprise SIEM or Incident Management systems
- Strong critical thinking skills
- Strong interpersonal skills with the ability to communicate technical issues to non-technical staff
- Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent experience
- eCTHP
$39K <= $59K <= $85K
$25K <= $32K <= $43K
$45K <= $69K <= $102K
$35K <= $54K <= $79K
£36,624 <= £41,999 <= £63,499
AU$78K <= AU$85,990 <= AU$99K