Warszawa, mazowieckie

Threat Architect

The Threat Architect position is part of the SpiderLabs Threat Fusion team.  This is a global team of threat hunting and threat intelligence experts committed to identifying malicious or risky behavior within our client networks and to tracking cybercrime/APT threat actor activity from across the globe.  The threat architect is a key position to work closely with clients, conduct threat hunts, and interface with other teams within the company.
While technical expertise is a primary qualification, this position also requires excellent communication skills and business acumen.  The selected candidate will frequently meet with top level executives from Fortune 500 global companies, to explain value proposition, and to deliver threat hunting findings, as well as creating formal technical reports.
Where active breaches are discovered, this team member will also be a primary member of the breach response team, working closely with forensic investigators, malware reverse engineers, and cyber threat intel analysts, to ensure malicious actors are rapidly removed and networks are properly remediated.

Specific focus for this role will include:
Threat Hunting
Perform Proactive and Continual Threat Hunts for Trustwave clients.  Conduct hunting, investigation, containment, reporting, and client engagement related to hunting activities utilizing Trustwave’s proprietary threat hunting platform.  Contribute use-case development and detection strategies to further improve Trustwave’s proprietary threat hunting platform.  Work closely with the engineering team to lead the integration of Trustwave SpiderLabs Threat Hunt platform with the GTDB (Global Threat Database), and the Trustwave Fusion portal.  Incumbent must have a vision for “making intel actionable” for all Trustwave security analysts.  Adding proper intelligence feeds / sources, scripting extraction of intel from various potential sources.  Bring a vision to the team to improve our approach and utilization of threat intel and drive that vision to reality.

Threat Intelligence Partnerships
Interface with security researchers from Trustwave partners, such as Palo Alto Unit 42, Carbon Black, and Cybereason.  Determine joint projects and publications that can be prepared surrounding new and emerging threats that our team discovers, be a point person discussing threats with potential partners.
Trustwave offers career advancement and a competitive compensation package with an excellent health and medical benefit package.

Requirements:

  • Experience conducting incident response and computer forensic investigations.
  • Malware analysis experience is also a major advantage.
  • Experience conducting endpoint-based threat hunting.
  • In-depth knowledge of Windows system administration and good network hygiene.
  • Knowledge/experience with Windows/Linux/OSX security and investigations.
  • Knowledge of various threat actor groups and TTPs they are known to utilize. Experience developing endpoint-based rules to detect such TTPs.
  • Knowledge and experience implementing MITRE ATT&CK framework into hunting and detection mechanisms.
  • Skilled speaker and able to communicate comfortably with senior security executives.
  • Skilled writer, able to communicate both our service and emerging threat activity through written communication.

Education:

We prefer college educated applicants, but at minimum, high school diploma or equivalent is required for employment.
Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
Kliknij tutaj, aby aplikować
Inne oferty pracy
« Asystent/ka w Dziale Finansów i Dystrybucji
Menedżer ds. opakowań »