Address
Form of workBRP is an award-winning entrepreneur led and inspired insurance distribution holding company delivering solutions that give our clients the peace of mind to pursue their purpose, passion and dreams. Our family of firms' best-in-class resources and diverse portfolio of services are innovating the industry by taking a holistic and tailored approach to insurance, risk management and employee benefits.
The Lead Cyber Threat Hunter will use data from existing and new security tools to proactively search for malicious actions or threats to the BRP environment. This position will stay informed and up to date on current and emerging security threats and trends. They will aid in the protection of BRP from these by analyzing incoming traffic for these threats, proposing detections methods to search for these threats, and proposing defense counter measures to be implemented. This role will provide aid through incident response by analyzing potential indicators of compromise and analyzing potentially malicious programs to determine the verdict of malicious/benign.
Description of Primary Responsibilities
- Lead Threat Team
- Subject matter expert on Threats and Vulnerabilities
- Manage MDR service provider
- Manage SIEM
- Lead Incident Responder
- Manage 3rd party threat intelligence (i.e Recorded Future)
- Remediation of vulnerabilities identified via third party solution
- Initial contact for Zero day/Urgent incidents
- Project work for solutions related to primary responsibilities
- Continuous Monitoring and Reporting
KNOWLEDGE, SKILLS AND ABILITIES:
- Able to lead and build a team of security professionals for threat detection, incident response and vulnerability management
EDUCATION AND EXPERIENCE
Education
- Preferred: Undergraduate/Bachelor's Degree
Experience
- 2 years' experience in threat identification and remediation
- 2 years' experience in incident response
- 2 years' experience using vulnerability scanners such as (Qualys, Rapid7 and or Nessus)
- Relevant certifications or comparable experience will be considered in lieu of experience
Certifications
One of the following certifications preferred, or comparable certifications
- GIAC-Certified Incident Handler (GCIH)
- GIAC-Certified Detection Analyst (GCDA)
- GIAC Defending Advanced Threats (GDAT)
TECHNICAL, COMPUTER, SYSTEM SKILLS:
- Understanding of complex enterprise networks to include routing, switching, firewalls
- Experience defending or responding to simulated or real-world attacks
- Experience converting intelligence into actionable mitigation and technical control recommendations
- Solid understanding of Windows OS and server fundamentals
- Strong knowledge of malware families and network attack vectors
- Proficient with scripting languages such as Python, Bash, or PowerShell
- Experience with AWS or other cloud infrastructure, a plus
- Preferred - scripting
SPECIAL WORKING CONDITIONS:
- Fast paced multi-tasking environment
IMPORTANT NOTICE:
This position description is intended to describe the level of work required of the person performing in the role and is not a contract. The essential responsibilities are outlined; other duties may be assigned as needs arise or as required to support the organization. All requirements may be subject to reasonable accommodations to applicants and colleagues who need them for medical or religious reasons.
#LI-TD1
Click here for some insight into our culture!
