Find A Job › Information Technology

SEARCH:

Senior Security Engineer - Threat Intelligence

  • Location: New York, NY
  • Job Type: Direct Placement
  • Ref No: 19-06045
  • Date: October 10, 2019
  • Job title:
Questions about this job listing? Contact the recruiter now.

Job Description - Senior Security Engineer - Threat Intelligence

Our client is a financial, software, data, and media conglomerate that has been an industry leader for the past 20+ years. They are currently looking to add a security engineer-Threat intelligence to their CISO's team in midtown NY.

 

The Cyber Security Operations Center (CSOC) works to understand the cyber threats we face as an organization, develops instrumentation for detection and monitors events 24x7 looking for suspicious activity. If an incident is confirmed, our goal is to respond effectively to reach the best outcome in a timely manner ensuring appropriate stakeholders are involved as required. We report into the CISO, but work closely with Engineering, Legal, Compliance and many others across the organization to help unify security event management and incident response. Our colleagues depend on us to be incident response pros that have a deep understanding of IT networks and systems. On any given day we analyze cyber security events, hunt for suspicious activity, research and disseminate threat intelligence, create / improve detection rules and create / automate response procedures.

 

What's the Role:

 

As a Security Engineer within the CSOC, you'll be responsible for the development of new methods and tools to detect suspicious and malicious events occurring on our networks and systems. This involves the analysis of raw security events and data emitted from various host and network sensors in our environment. You will also be expected to analyze new threat intelligence reports for use in threat hunting and new detection efforts and respond to incidents providing expert level analysis of file, host, and network artifacts.

 

You'll need to have:

 

  • A passion for exploring and parsing data; analyzing and developing new methods to detect the latest attack techniques and tactics used by adversaries.
  • Prior experience creating and refining detection rules leveraging enterprise search products
  • The desire to analyze threat intelligence to extract TTPs and Indicators and leverage them in new detection and hunting efforts.
  • Previous experience with deep file, host, or network level analysis.
  • A solid understanding of Windows, Linux, and Mac operating systems.
  • Previous experience with enterprise search technologies such as Splunk and Elastic Stack (ELK)
  • Experience with scripting and automation (Python preferred) and working with data formats such as JSON and XML.

 

We'd Love To See:

 

  • Deep knowledge of Enterprise network and host security controls and detection techniques.
  • A background in attacker tools and techniques leveraged against enterprise environments.
  • Experience performing malware analysis and/or protocol analysis
  • Prior experience performing threat hunting operations
  • Prior experience with in Red Team/Blue Team and/or Purple Team exercises.
  • Experience with Endpoint Detection and Response (EDR) tools e.g. osquery, sysmon, Carbon Black, Tanium, Falcon, etc.
  • Experience with Network IDS, protocols, filtering and packet capture devices e.g. Snort, Suricata, NetWitness, Bro, etc.
  • Familiarity with development processes and environment tools such as Git, Jira, Jupyter hub/notebooks.

 

 





 




Related Job Listings

Job Location Type Posted  
Senior Full Stack Developer New York, NY Direct Placement December 05
Senior Network Engineer New York, NY Right to Hire December 05
Chief Information Security Officer New York, NY Direct Placement December 05
IT Manager- Compliance Systems New York, NY Direct Placement December 04
Senior Information Security Officer New York, NY Direct Placement December 04