Threat Engineer

About The Position

Requirements

• Associate’s Degree (AA) or equivalent experience - Required
• 1+ Years of experience in one or more areas; incident response, security engineering, offensive security, threat emulation, penetration testing, or security operations - Required
• Experience identifying and addressing telemetry gaps in security monitoring - Required
• Experience contributing to purple team, including supporting risk hunting, telemetry validation, detection efficacy - Required
• Experience developing and supporting cybersecurity metrics and reporting to support security operations - Required
• Ability to support complex incidents and evolve strategies based on new information - Required
• Junior level analytical skills with the ability to investigate network, host, cloud and identity platforms - Required globally distributed environment - Required
• Ability to work independently within a globally distributed environment - Required
• Strong written and verbal communications skills
• Assist in creating automation\workflows to scale security operations - Required
• Ability to quickly adapt to new methods, work under tight deadlines and stressful conditions - Required
• Junior level investigative, analytical and problem solving skills required
• Junior level ability to set goals and handle multiple tasks and projects simultaneously - Required
• Ability to appropriately balance priorities, deadlines, and deliverables required
• Ability to work well within a team environment and participate in department/team projects - Required
• Technical Requirements: Windows, Mac, and Linux internals, Cloud computing (AWS), M365 suite and ecosystem, Microsoft domain environments, IAM/AAA technologies and architectures (Active Directory, Okta, OpenID, SAML, Oauth, JWT), Physical and Virtual Networking technologies and architecture, SIEM (Splunk), EDR (CrowdStrike, Microsoft Defender), Email security, DNS - Required

Nice To Haves

• Bachelor’s Degree in Arts/Sciences (BA/BS) or professional industry certification - Preferred
• 2+ Years of relevant experience - Preferred
• Technical Requirements: Cloud Computing (GCP, Azure), Forensic tools (FTK, Encase, X-Ways, SIFT), Scripting (Powershell/Python/Javascript/Typescript), Service Now - Preferred

Responsibilities

• If required, participate in a 24/7 on-call rotation, alert triage, investigation
• Support the following functions: threat detection, offensive security
• Support the development of orchestrations and automations that reduce manual tasks
• Perform junior level intrusion and/or defensive analysis
• Support security related audit/compliance/risk-reduction efforts at a junior level
• Support offensive and/or defensive security tool development, procurement, and management
• Determine and deliver logging requirements to better detect and respond to security threats
• Support the delivery of projects that drive down the overall risk and/or impact of a cybersecurity incident
• Performs other duties as assigned

Benefits

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
• Join the bright and creative minds of RGA, and experience vast, endless career potential.