Cyber Security Specialist

The Cyber Security Specialist will be responsible for using threat intelligence to investigate potential threats and attack methods employed by malicious actors. They will apply hands-on technical knowledge to investigate incidents and mitigate risk. The role requires detailed skills in commercially sourced intelligence (CSINT) and open-source intelligence (OSINT), including analysis of publicly available information (PAI) such as advanced social media research. The Specialist will be involved in threat detection, analysis, and response using various tools, methods, and automation. Strong work ethic and creative problem-solving skills are essential for success in this hands-on position.

Detect threats and incidents through proactive “hunting” across security-relevant data sets.

Detailed skills in conducting investigations with a focus on attribution through OSINT techniques, social media research, publicly available information (PAI) and other similar investigative methods.

Develop strategies and plans for the collection of publicly available information (PAI) in response to intelligence gaps, including the tools and methodologies needed to accomplish the task.

Develop and automate playbook/use case to detect and remediate threats using either out-of-the-box or custom integration and functions.

Perform security monitoring and incident response activities across the SME global networks and cloud platforms, leveraging various tools and techniques.

Perform hands-on security testing of security controls across various products and platforms to discover risks and supervise them to resolution proactively.

Conduct correlation search and real-time analysis using SIEM/SOAR platforms, Endpoint, and network-based technologies with a focus on identifying security events and threats and developing incident response playbook automation.

Analyze security and abuse incidents to derive insight into attack vectors and TTPs.

Maintain SOC workflow, playbook, ticketing, and single pane of glass, including capturing standard SOC metrics/reporting.

• Detailed skills in commercially sourced intelligence (CSINT) and open-source intelligence (OSINT)
• Experience in conducting investigations with a focus on attribution through OSINT techniques, social media research, and publicly available information (PAI)
• Ability to develop strategies and plans for the collection of publicly available information (PAI) in response to intelligence gaps
• Proficiency in developing and automating playbooks/use cases to detect and remediate threats
• Experience in security monitoring and incident response activities across networks and cloud platforms
• Hands-on security testing of security controls across various products and platforms
• Ability to conduct correlation search and real-time analysis using SIEM/SOAR platforms, Endpoint, and network-based technologies
• Analytical skills to analyze security and abuse incidents and derive insight into attack vectors and TTPs
• Proficiency in maintaining SOC workflow, playbook, ticketing, and reporting
• Degree in Information Systems, Engineering, Cyber Security, or related fields
• Minimum four years of experience in Information Systems with at least three years of experience in Cyber Security
• CISSP, CompTIA Security+, GIAC Cyber Threat Intelligence certification is a plus
• Hands-on experience in a Security Operations Center environment conducting network, host, or threat analysis
• Experience analyzing logs in SIEM and Cloud platforms
• Proficiency in scripting languages (e.g., PowerShell and Python) for task simplification and automation
• Excellent writing skills for investigative reports
• Ability to create, organize, and analyze complex data sets with accuracy
• Ability to manage multiple investigations simultaneously with competing priorities and deadlines
• Sound judgment, critical thinking, and attention to detail
• Advanced technical skills in network and/or host security technologies, email services and technologies, cloud infrastructure and services, and identity and access management.

• Join an inclusive, collaborative, and global community
• Modern office environment designed for productivity, creativity, and teamwork
• Hybrid with Flexibility approach for remote working and in-person collaboration
• Attractive and comprehensive benefits package including medical, dental, vision, life & disability coverage, and 401K + employer matching
• Voluntary benefits such as company-paid identity theft protection, resources for pets, mental health and meditation resources, fertility coverage, fully paid leave for childbirth or bonding, fully paid leave for caregivers, programs for loved ones with developmental disabilities and neurodiversity, subsidized back-up child and elder care, and reimbursement for adoption, surrogacy, tuition, and student loans
• Investment in professional growth and development
• Time off for a winter recess