Cyber Security Threat Content Engineer - 658290BR - Best Buy Co. Inc., Richfield, MN, USA

Listing Description

The Cyber Security Threat Content Engineer will play a critical role in the 24x7 Threat Detection Operations Center, helping to detect security events and enable response. As the senior Cyber Security Threat Content Engineering team member, you will be a primary contributor to the continued growth of our threat detection program. The ideal candidate will have experience working with large datasets, developing content to find anomalies in that data, and enriching that data so analysts have as much information as possible at their fingertips when we generate an alert.

The Cyber Security Threat Content Engineer role will involve:

* Research and analyze large volumes of data and information for use in security monitoring and response

* Partner with constituents to understand expected system and application usage to develop patterns for non-normal user and system behavior

* Work with existing data analysis platforms to develop and tune content for consumption by triage and response teams

* Identify gaps/needs in current data analysis platforms and provide input to guide the future of the data analysis platform(s)

* Develop and contribute to the content documentation

* Develop visualizations to aid in security threat analysis, response, and reporting

* Develop and enhance integrations between threat detection and response platforms to enable analysts to make decisions and respond faster

* Communicate trends, metrics, events of interest to proper internal constituents through dashboards, reports, or direct communication

Basic Qualifications

* 3+ years of experience developing content with Elasticsearch or similar platform

* 3+ years of experience programming in Python

* Completion of a Bachelor’s degree in an area such as Computer Science, Data Science, Computer Engineering, Statistics, Math or equivalent work experience

Preferred Skills

* Experience in predictive modeling and/or machine learning

* Familiarity with system event logs

* Familiarity with the MITRE ATT&CK Framework

* Graduate level degree or certificate in Data Science or related subject

* Experience working in a Security Operations Center or similar environment

* One or more of the following industry certifications: SSCP, CISSP, GSEC, GCIA, GCIH

To apply for this position, please use the following URL:

https://ars2.equest.com/?response_id=772e6b304a40514f3d68e4ddc6a87bb0

Listing Details

  • Salary: $130000 - $150000
  • Citizenship: US Citizen
  • Incentives: Both
  • Education: No Requirements
  • Travel: No Travel
  • Telework: No Telecommute



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.
