September 19, 2019
Senior Security Engineer
Our Information Security team needs the best talent to help us continuously improve our defenses against the evolving threat landscape and respond to both opportunistic and targeted cyberattacks. As a Sr. Security Engineer/Architect, you will work with the Security Operations Center (SOC) team to develop new and improve existing SIEM use cases for finding potential security breaches. The role requires the ability to detect deviations from the norm and to investigate the events leading up to and following security incidents.
- Respond to information security incidents detected by the SIEM system and to user-reported incident claims
- Provide guidance in security countermeasures, containment, and remediation to internal teams
- Discover tactics, techniques, and procedures (TTPs) from incident investigations and develop new SIEM use cases for continuous security monitoring
- Initiate threat hunting efforts based on relevant and latest threat intelligence
- Participate in continuous evaluation of security controls (technology or process) against the current threats
- Write security incident reports and update security incident metrics
Desired Experience and Skills
- Any Bachelor’s degree
- At least 5 years in the IT industry with information security or systems/network administration-related experience
- Knowledge/experience in Windows and Linux operating systems security
- Experience with SIEM platforms and log management systems or experience in performing incident response and computer forensics
- Knowledge in the tactics, techniques, and procedures (TTPs) used to breach an enterprise
- Must be eager to pursue a long-term interest in the information security field and investigative work
- Must have good verbal and written English communication skills
- Experience with computer forensics and incident response tools such as FTK, X-Ways Forensics, F-Response, and the other open-source security tools found in the SANS SIFT workstation
- Experience with use case development using ArcSight ESM
- Knowledge in malware analysis (reverse-engineering)
- Knowledge in Perl, Python, or any scripting language
- Knowledge in Amazon Web Services cloud computing