Cyber Threat Engineer

Description:

Cyber Threat Engineers perform the following duties:

• Use strong TCP/IP networking skills to perform network analysis and understand detected threats.
• Analyze escalated, complex cases involving a pattern of security events from firewalls, IDS, IPS, SIEM, Web Application Firewall (WAF), and other security data sources.
• Resolve intractable technical problems within managed security solutions as part of a sustained improvement project.
• Create, improve, and document processes for the management and monitoring of security solutions.
• Tune devices for blocking and reporting based on customer business need.
• Configure, manage, and upgrade Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), and Security Information and Event Monitoring (SIEM) platforms.
• Baseline threat detection devices for unique customer environments.
• Test and improve signature-based and other detection methods.
• Take responsibility for customer satisfaction and overall success of managed services.
• Respond to needs and questions of customers in a polite, positive, and professional manner concerning their managed services, managed devices and detected threats.
• Adhere to policies, procedures, and security best practices.
• Resolve problems independently and understand the correct escalation procedures.
• Perform rotating on-call duties (nights/weekend rotations).
• Act as a mentor and escalation point for analysts within the Global Threat Operations team.

Skills & Knowledge Requirements: Must have intermediate skills/knowledge in some of the following:

• Security Information and Event Management (SIEM) management
• Web Application Firewall (WAF) management
• Unix / Linux and Windows system administration
• Information security best practices & network security architecture
• Sourcefire/Snort based security products
• Current exploit and remediation techniques
• Web Services Administration
• TCP/IP networking
• IP Tables/Packet filter firewalls
• Vulnerability Scanning technologies
• Log collection and analysis tools
• Endpoint security concepts and products

Desired experience:

• Information security or networking
• Intrusion analysis experience
• Excellent customer service skills
• Excellent analytical thinking and problem solving skills
• Strong oral and written communication skills
• Self-managed and team oriented
• Deadline and detail oriented
• Highly motivated

Required:

• English: Demonstrated Fluency

Preferred:

• Intermediate to advanced experience in Information Security related areas
• Certified in Security related Industry, Vendor or Professional Certification- GCIA, GCIH, Security+, OSCP, or CEH preferred.

Education:

We prefer college educated applicants, but at minimum, high school diploma or equivalent is required for employment.