About The Position

At T-Mobile, we invest in YOU! Our Total Rewards Package ensures that employees get the same big love we give our customers. All team members receive a competitive base salary and compensation package - this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That’s how we’re UNSTOPPABLE for our employees!

The Detection Engineer is responsible for continually improving T-Mobile’s detection capabilities. They will work with all teams within security operations to ensure that T-Mobile is protecting its customers and employees. They will work with multiple technologies to build detections and correlations, including SIEM, EDR, and Network Monitoring. The best candidate for the role should have a strong comprehension of incident response, work well with other people, and have strong verbal and written communication skills.

This position correlates security-related data across the enterprise, performs Security Incident Response Handling and incident containment/recovery, and assists application owners to understand and implement the security aspects of their applications. It develops and implements advanced security strategies, tools, and technologies to protect against cyber threats and vulnerabilities; proactively identifies security risks and deploys effective mitigation measures to safeguard the company's systems and data; builds new detection capabilities based on research of new attack techniques; develops content to improve detective capabilities in the Security Information and Event Management (SIEM) tool; and maintains, tunes, and sunsets existing detection capabilities. The role works with system owners, the SIEM team, and the CSOC to onboard new data sources, investigates incidents for the Cyber Incident Response Team (CIRT), and participates in the CIRT rotation, which may involve non-traditional working hours.
It responds to network security incidents to promptly mitigate damage or restore service and champions the process, recommending tool, software development, or infrastructure changes to improve or enhance security.

Requirements

  • Bachelor's Degree plus 5 years of related work experience OR Advanced degree with 3 years of related experience (relevant experience in lieu of degree might be considered). Acceptable areas of study include Computer Science or Information Technology.
  • Experience with Windows event logs (Sysmon, Security logs, ETW), Linux logs (auth, auditd, system logs), Cloud telemetry (AWS CloudTrail, Azure, GCP), Network telemetry (NetFlow, Zeek, firewall logs) and EDR telemetry (CrowdStrike, SentinelOne, Defender)
  • Deep understanding of attacker TTPs (MITRE ATT&CK is table stakes), familiarity with SIEM/SOC workflows and incident response lifecycle and ability to break down intrusions into detection logic
  • Cybersecurity (required): Advanced understanding of security architecture, security technologies, systems design, integration, and networking.
  • Problem Solving (required): Innovative problem-solving skills with the proven ability to exercise flexibility and judgment.
  • Communication (required): Excellent executive communication skills (oral and written), including presentation skills and a demonstrated ability to present at all organizational levels.

Nice To Haves

  • 4-7 years’ experience with security-related software and/or business process design
  • 4-7 years’ experience in technical project management and leading cross-functional solution design teams
  • 4-7 years’ expertise in network information security, including Firewall policy design, SSL Certificate management, and vulnerability analysis mitigation
  • Building Relationships (preferred): Proven ability to build relationships, engage and influence others, and work with a diverse internal and international user community, as well as strategic partners.
  • Negotiation (preferred): Strong influence and negotiation skills; ability to achieve consensus and build effective working relationships in a decentralized environment.
  • Certified Information Systems Security Professional (CISSP): An advanced-level certification for IT pros serious about careers in information security. Offered by (ISC)², CISSP is designed to prove expertise in designing, implementing, and managing a best-in-class cybersecurity program.
  • Certified Information Security Manager (CISM): Offered by ISACA, this certification is for management-focused IT professionals who are responsible for developing, managing, and overseeing information security systems in enterprise-level applications, or for developing best organizational security practices.
  • Certified in Risk & Information Systems Control (CRISC): Provided by ISACA, CRISC is aimed at IT professionals, project managers, and others whose job it is to identify and manage risks to IT and the business.

Responsibilities

  • Correlates security-related data across the enterprise
  • Performs Security Incident Response Handling and incident containment/recovery
  • Assists application owners to understand and implement the security aspects of their applications
  • Develops and implements advanced security strategies, tools, and technologies to protect against cyber threats and vulnerabilities
  • Proactively identifies security risks and deploys effective mitigation measures to safeguard the company's systems and data
  • Builds new detection capabilities based on research of new attack techniques
  • Develops content to improve detective capabilities in the Security Information and Event Management (SIEM) tool and maintains, tunes, and sunsets existing detection capabilities
  • Works with system owners, the SIEM team, and the CSOC to onboard new data sources, investigates incidents for the Cyber Incident Response Team (CIRT), and participates in the CIRT rotation, which may involve non-traditional working hours
  • Responds to network security incidents to promptly mitigate damage or restore service and champions the process, recommending tool, software development, or infrastructure changes to improve or enhance security

Benefits

  • medical
  • dental
  • vision insurance
  • flexible spending account
  • 401(k)
  • employee stock grants
  • employee stock purchase plan
  • paid time off
  • 12 paid holidays
  • paid parental and family leave
  • family building benefits
  • back-up care
  • enhanced family support
  • childcare subsidy
  • tuition assistance
  • college coaching
  • short- and long-term disability
  • voluntary AD&D coverage
  • voluntary accident coverage
  • voluntary life insurance
  • voluntary disability insurance
  • voluntary long-term care insurance
  • mobile service & home internet discounts
  • pet insurance
  • access to commuter and transit programs