Senior Cyber Security Specialist, Threat Hunt

About The Position

Requirements

• Five or more years of experience in information technology, information security and/or cybersecurity.
• US Citizenship Required.

Nice To Haves

• Bachelor's degree in specialized field or an equivalent combination of education, training, and experience.
• Two or more years of experience threat hunting.
• Experience supporting cyber defense analysis of Operational Technology (OT) Networks to include Integrated Controls Systems (ICS), SCADA, and Process Control Networks (PCN).
• Two or more years of experience working in Security Operations Centers.
• Two or more years of experience working with Incident Response and Cyber Threat Intelligence functions.
• Security +, CISSP, GCIA, GCIH, GMON, GICSP, GRID, etc.

Responsibilities

• Leverage technical expertise and adversarial knowledge to hunt across the SCE Admin, cloud, and OT environment.
• Aid in the development and maturation of the OT hunt program.
• Break down and leverage technical intelligence reports and analyze Tactics Techniques and Procedures utilized by cyber adversaries and proactively hunt for those across the SCE environment.
• Use understanding of Vulnerability Exploitation to Hunt for Evidence of exploitation of emerging vulnerabilities.
• Proactively identify and document logging gaps, architectural gaps, visibility gaps, misconfigurations and control gaps, and other observations to aid in the maturation SCE's cyber posture.
• Articulate hunt findings and advise on remediation methods.
• Aid in coordinating execution of these remediations.
• Work with Threat Hunt Team lead to identify capability and process improvements for threat hunting program.
• Assist in the development of relevant detections to identify current and future malicious/suspicious activity.
• Perform security risk, vulnerability assessments, and business impact analysis for medium complexity information systems.
• Carry out project reporting for assigned projects, monitoring project status, timeline and budgets.
• Assist in the planning and implementation of current and future security domains including those which may introduce new service areas.
• Adopt and follow security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams.
• Monitor technology risk, identify root cause or key themes, recommend for resolution.
• Investigate suspected attacks and manage security incidents. Use forensics where appropriate.
• Review and shape the production of evidence to support internal and external audits.
• Implement appropriate security measures for information systems and applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information.
• Develop and maintain metrics, alerts, dashboards, and reports for security monitoring.
• Maintain incident response plans and perform incident response activities as directed and in accordance with established procedures and guidelines and those of federal authorities.

Benefits

• Hybrid work mode with the option to work remotely on certain days.
• Opportunities for personal and professional growth.
• Commitment to diversity and inclusion.