Address
Form of workJob Description
Description:
Security Engineer, Detection
Clientinformation security is looking for a candidate who will assist with the design, implementation, security and ongoing support of the Cyber Security detection program and processes within the Global Information Security Team.
This position will work directly with teams inside and outside of GIS as part of our overarching security strategy for Threat Management and Response, Data Science, and GRC initiatives.
The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, security incident response, and developing/automating creative solutions. As a Threat Detection Developer, you will be expected to be skilled at identifying security detection gaps in infrastructure and applications, effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison supporting business units. We use our big data platform, based on open source technologies like Apache Flink, Kafka and Hadoop, to build the majority of our security detections. We also use our own data analytics platform built on Hadoop and other security tools like Splunk to build a smaller set of security detections.
Responsibilities:
Research and keep up to date on threat actors and new TTPs based on MITRE Telecommunication&ck framework; Perform detailed analysis of threats, using sound analytical skills, knowledge and experience.
Develop security specific content necessary to implement Threat Detection Alerts on our security alerting platform
Gather, maintain, and analyze cyber-security data and other key performance indicators for regular executive review and any compliance/regulatory related requirements.
Create reports, dashboards, pivots, advanced correlation searches, and visualizations using SQL and Splunk query language.
Support application and infrastructure teams in onboarding custom and/or native logs to our Big Data Platform and Splunk
Troubleshooting of Big Data and Splunk searches for performance issues by adding lookups, correct joins and using summary indexes.
Write detailed incident reports and deliver presentations to key business partners like Security Architects, Directors and VPs; Identify and clearly articulate (written and verbal) findings to senior management and stakeholders, both technical and non-technical audiences
Participate in after action reviews and contribute to improvements in the overall security posture of client
Ideal Experience and Qualifications
Bachelor's degree in computer science, information technology, or equivalent degree. A masters degree in information security or equivalent degree preferred.
One year experience in a security threat detection role or three years of experience as a security incident engineer or analyst
Considerations
If remote, we expect that you are working in the PST timezone, since most of the team is in San Jose, California (and so are our customers)
If in a location that has an client office, we need you to go to office for two days at a minimum in a week. If the policy of the organization changes in the future, then that two days may also increase.
Security Engineer, Detection
Clientinformation security is looking for a candidate who will assist with the design, implementation, security and ongoing support of the Cyber Security detection program and processes within the Global Information Security Team.
This position will work directly with teams inside and outside of GIS as part of our overarching security strategy for Threat Management and Response, Data Science, and GRC initiatives.
The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, security incident response, and developing/automating creative solutions. As a Threat Detection Developer, you will be expected to be skilled at identifying security detection gaps in infrastructure and applications, effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison supporting business units. We use our big data platform, based on open source technologies like Apache Flink, Kafka and Hadoop, to build the majority of our security detections. We also use our own data analytics platform built on Hadoop and other security tools like Splunk to build a smaller set of security detections.
Responsibilities:
Research and keep up to date on threat actors and new TTPs based on MITRE Telecommunication&ck framework; Perform detailed analysis of threats, using sound analytical skills, knowledge and experience.
Develop security specific content necessary to implement Threat Detection Alerts on our security alerting platform
Gather, maintain, and analyze cyber-security data and other key performance indicators for regular executive review and any compliance/regulatory related requirements.
Create reports, dashboards, pivots, advanced correlation searches, and visualizations using SQL and Splunk query language.
Support application and infrastructure teams in onboarding custom and/or native logs to our Big Data Platform and Splunk
Troubleshooting of Big Data and Splunk searches for performance issues by adding lookups, correct joins and using summary indexes.
Write detailed incident reports and deliver presentations to key business partners like Security Architects, Directors and VPs; Identify and clearly articulate (written and verbal) findings to senior management and stakeholders, both technical and non-technical audiences
Participate in after action reviews and contribute to improvements in the overall security posture of client
Ideal Experience and Qualifications
Bachelor's degree in computer science, information technology, or equivalent degree. A masters degree in information security or equivalent degree preferred.
One year experience in a security threat detection role or three years of experience as a security incident engineer or analyst
Considerations
If remote, we expect that you are working in the PST timezone, since most of the team is in San Jose, California (and so are our customers)
If in a location that has an client office, we need you to go to office for two days at a minimum in a week. If the policy of the organization changes in the future, then that two days may also increase.
