Job Posting Title:
Senior Security Engineer, Anomaly DetectionReq ID:
10096946Job Description:
Who We Are
We are seeking a skilled and experienced Senior Security Engineer with a specialization in threat hunting to join our our GIS Anomaly Detection Team. In this role, you will be responsible for proactively identifying and mitigating security threats across the enterprise. Your expertise in threat hunting will be crucial in detecting anomalous and malicious activities before they can impact our systems and data. You will work closely with various teams to develop and refine security measures and contribute to the enhancement of the company’s overall security posture.
What You Will Do
Threat Hunting: Lead and execute advanced threat hunting initiatives to proactively identify and investigate potential security threats, vulnerabilities, and malicious activities within the enterprise environment.
Detection and Analysis: Utilize advanced tools and techniques to analyze security data, detect anomalies, and assess potential threats.
Rule Development: Work closely with the threat detection team to create and enhance security rules and detection signatures. Focus on developing use cases for comprehensive threat detection and ensure the automation of detection processes to improve efficiency and accuracy.
Cyber Threat Intelligence Collaboration: Partner with the CTI team to integrate threat intelligence into detection and hunting processes. Use threat intelligence to inform and enhance threat hunting activities, identify trends, and adapt strategies to emerging threats.
Incident Response: Collaborate with the incident response team to provide expert analysis and recommendations during security incidents. Contribute to the development of incident response plans and procedures.
Collaboration: Work closely with various departments and segments to enhance security measures and ensure a unified approach to threat detection and response. Collaborate via various means, including but not limited to messaging, email, and video calls. Share insights and findings to improve overall security posture and stay up-to-date with cybersecurity trends. Propose improvements to security practices and tools.
Continuous Improvement: Stay up-to-date with the latest cybersecurity trends, threat intelligence, and emerging technologies. Propose and implement improvements to security practices and tools based on evolving threat landscapes.
Documentation and Reporting: Maintain comprehensive documentation of threat hunting activities, findings, and recommendations. Prepare detailed reports for stakeholders and management.
Must Have
5+ years of experience with a focus on threat hunting or incident response
Experience working with large enterprises or cybersecurity firms
Solid understanding of cybersecurity frameworks and standards (e.g., MITRE ATT&CK, NIST)
Proficiency in at least one scripting language (e.g., Python, PowerShell, Bash)
Experience with threat intelligence platforms and SIEM systems
Familiarity with endpoint detection and response (EDR) tools
Basic knowledge of network traffic and Operating System analysis
Effective communication skills for conveying findings to technical and non-technical stakeholders
Relevant certifications or equivalent training, such as CISSP (Certified Information Systems Security Professional) or GIAC GCIH (GIAC Certified Incident Handler)
Nice To Have
Experience with advanced persistent threat (APT) investigations
Experience in red teaming operations, including penetration testing and vulnerability assessments
Experience in kill chain analysis, network traffic analysis, Active Directory and Operating System analysis
Experience with cloud security and securing cloud environments (e.g., AWS, Azure, Google Cloud)
Ability to mentor junior team members and present findings to executive leadership
Additional training in advanced threat hunting methodologies and cybersecurity tools
Education
Bachelor’s degree in Computer Science, Information Security, or a related field, OR relevant certification and experience.
Job Posting Segment:
Enterprise TechnologyJob Posting Primary Business:
Corporate Global Information SecurityPrimary Job Posting Category:
Security EngineeringEmployment Type:
Full timePrimary City, State, Region, Postal Code:
Burbank, CA, USAAlternate City, State, Region, Postal Code: