Listing Description
Dell’s Security & Resiliency Office is looking for an Incident Response Content Engineer. This individual will be responsible for analyzing meta-data, reports, alerts and rules to develop strategies and intelligence relevant to the defense of the company. As part of the global Cybersecurity Incident Response Team, this role will also be responsible for technology POCs related to expanding security capabilities, developing and improving incident response processes, level 3 support, and other functions related to securing Dell’s network and data.
The Incident Response Content Engineer implements detective and analysis capabilities within existing IR and team platforms in the form of meta-data, reports, alerts and rules. The main focus is to take disparate log, packet, threat intelligence and behavioral data and turn it into strategic and tactical intelligence relevant to the defense of the company.
Responsibilities:
• Development, research and deployment of analysis content for CSIRT consumption, including meta-data, parsed log data and packet data, rules and alerts
• Programmatic enrichment and dissemination of intelligence from all available sources
• Automation of repeatable CSIRT processes related to workflow within platforms
• Collaboration with the Curation functional role in deriving features from known IoCs and TTPs to develop behavioral or specific detection and response content
• Maintaining documentation for developed content, including how it aligns with different platform, automation and workflow mechanics
• Tracking dependent support issues
• Facilitating day-to-day operations for the Cyber Security and Intelligence Response Team
• Developing improved ways to curate, enrich and disseminate threat intelligence data
• Serving as level 3 analyst for escalations
• Performing POCs to further the CSIRT technology stack
• Augmentation of Threat Hunting
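To make concrete what "deriving features from known IoCs and TTPs to develop behavioral or specific detection content" looks like in practice, here is an added illustration; it is not code from Dell's listing or from any Dell platform. It takes constructed proxy log lines and a constructed IoC feed (all hostnames, IPs, feed names and campaign tags are hypothetical) and produces two kinds of alerts: a specific one, where a destination matches a known indicator and is enriched with the feed's context, and a behavioral one, where regularly spaced connections to a single host (beaconing) are flagged even though the host is on no IoC list.

```python
"""Turn raw proxy log lines plus a threat-intel list into enriched alerts.

Two kinds of detection content are shown side by side:
  * specific:   exact match of a destination against known IoCs
  * behavioral: periodic connections (beaconing) to one host, which
                catches infrastructure that is not yet on any IoC list
All log lines, indicators, feed names and tags below are constructed
for this example; the log format is hypothetical.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed IoC feed: indicator -> enrichment context (hypothetical values)
IOC_FEED = {
    "update-check.example-bad.net": {"source": "feed-A", "campaign": "Demo-1", "confidence": 80},
    "203.0.113.7": {"source": "feed-B", "campaign": "Demo-2", "confidence": 60},
}

# Constructed proxy log format: "<ISO timestamp> <src_ip> <dst_host> <status> <bytes>"
SAMPLE_LOGS = """\
2024-03-01T10:00:00 10.1.1.5 www.example.org 200 5120
2024-03-01T10:00:02 10.1.1.5 update-check.example-bad.net 200 310
2024-03-01T10:00:00 10.1.1.9 cdn.example.com 200 90210
2024-03-01T10:01:00 10.1.1.9 cdn.example.com 200 88000
2024-03-01T10:05:00 10.1.1.7 203.0.113.7 404 128
2024-03-01T10:00:00 10.1.1.12 stat.example-unknown.io 200 256
2024-03-01T10:01:00 10.1.1.12 stat.example-unknown.io 200 256
2024-03-01T10:02:00 10.1.1.12 stat.example-unknown.io 200 255
2024-03-01T10:03:00 10.1.1.12 stat.example-unknown.io 200 256
2024-03-01T10:04:00 10.1.1.12 stat.example-unknown.io 200 256
"""


def parse_line(line):
    """Parse one constructed log line into a dict with typed fields."""
    ts, src, dst, status, size = line.split()
    return {"ts": datetime.fromisoformat(ts), "src": src, "dst": dst,
            "status": int(status), "bytes": int(size)}


def parse_logs(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]


def ioc_alerts(events, feed=IOC_FEED):
    """Specific detection: destination is a known indicator; enrich from the feed."""
    alerts = []
    for ev in events:
        ctx = feed.get(ev["dst"])
        if ctx:
            alerts.append({"rule": "ioc-match", "src": ev["src"], "dst": ev["dst"],
                           "ts": ev["ts"].isoformat(), **ctx})
    return alerts


def beacon_alerts(events, min_hits=5, max_jitter=0.1):
    """Behavioral detection: at least min_hits connections from one src to one
    dst whose inter-arrival times vary by no more than max_jitter
    (population stdev divided by mean gap)."""
    by_pair = defaultdict(list)
    for ev in events:
        by_pair[(ev["src"], ev["dst"])].append(ev["ts"])
    alerts = []
    for (src, dst), stamps in by_pair.items():
        if len(stamps) < min_hits:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            alerts.append({"rule": "beaconing", "src": src, "dst": dst,
                           "period_s": avg, "hits": len(stamps)})
    return alerts


def run(text=SAMPLE_LOGS):
    """Apply both content types to the log text and return all alerts."""
    events = parse_logs(text)
    return ioc_alerts(events) + beacon_alerts(events)


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

On the constructed input the IoC rule fires twice (the two feed entries) and the beaconing rule fires once, for 10.1.1.12 talking to stat.example-unknown.io every 60 seconds; the two-hit burst to cdn.example.com stays below the hit threshold. The thresholds are starting points a content engineer would tune against real traffic volumes, not recommendations.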
Educational and Certification Requirements:
• Graduate/Master's degree in Computer Science, Information Science, or Information Systems Management, or 6+ years of relevant experience
Skills Requirements:
• Excellent analytical and problem-solving skills
• One or more programming/scripting languages (Python, Scala, Java, .NET, PowerShell)
• Good systems and network administration skills
• Experience with security technologies:
SIEM and Log Management Solutions (NetWitness, Splunk, Log Insight, QRadar, ArcSight)
Deep Packet Inspection (NetWitness, Bro, etc.)
Intrusion Detection Systems (Snort/Sourcefire, TippingPoint, etc.)
Endpoint security (NetWitness Endpoint, MIR, McAfee HIPS, etc.)
Web Proxy/Content Filtering (IronPort, Blue Coat, Websense, etc.)
Authentication platforms (LDAP, Active Directory, PKI, RADIUS, RSA SecurID)
Incident Management Solutions (Archer, ArcSight, RTRI, ServiceNow)
• Understanding of multiple operating systems (Windows, Unix, Linux, OS X)
• Expert understanding of infrastructure and security device log formats
• Expert understanding of network communications and protocols
• Continuous integration technologies
• DevOps
• Network forensics
Preferred Requirements:
Preferred candidates will possess good analytical, technical, problem-solving, and organizational skills. They must have the ability to adjust quickly to shifting priorities and make timely decisions with limited information. They will also be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization, as well as be motivated to tackle challenging problems.
Company Description:
With more than 100,000 team members globally, we promote an environment that is rooted in the entrepreneurial spirit in which the company was founded. Dell's team members are committed to serving our communities, regularly volunteering for over 1,500 non-profit organizations. The company has also received many accolades, from employer of choice to energy conservation. Our team members follow an open approach to technology innovation and believe that technology is essential for human success.
Why work with us? Life at Dell means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution. Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enable them to pursue a career that fulfills their potential. Our team members' health and wellness is our priority, as is rewarding them for their hard work.
Dell is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity and/or expression, national origin, protected veteran status, disability, genetics, or citizenship status (when otherwise legally authorized to work) and will not be discriminated against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we operate. Dell encourages applicants of all ages.
Please apply here: https://jobs.dell.com/job/bedford/senior-advisor-cyber-security/375/6300165
Listing Details
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Masters Degree
- Travel: No Travel
- Telework: Optional Telecommute