Cyber Threat Hunter - Workday, Inc. San Francisco Bay Area, CA, USA Bookmark Share Print 897 1 15

Listing Description

Job Description

Workday is looking for a self-driven Cyber Threat Hunter and Engineer who will be responsible for proactive research and investigate attack activity or artifact from diverse data and operational environments. Maintain responsibility for the lifecycle of the threat hunting loop from hypothesis generation, data exploitation, pattern discovery, and new analytics deployment. Deliver sound and repeatable analysis using disparate data from various environment.

The engineer will be active in keeping the pulse of malicious actors, campaigns, and other relevant activities while research and leverage all sources to formulate various theories. This position requires flexibility to occasionally work beyond standard daytime working hours, as situations warrant.

The individual we are looking for must be able to work independently, be creative, but also feel comfortable being a member of a cross functional team and contributing their part to the overall success. Applicant must be passionate about threat hunting who can perform the work with efficiency, right amount of detail, and understand how to properly disseminate information to a wide variety of internal audience. The ideal candidate will have previous experience as a cyber threat hunter and a background in Linux Admin, DevOps and/or Pipeline Engineering.

QUALIFICATIONS

Required:

• BA or BS degree or 4+ years of relevant experience working in an enterprise security role

• Strong demonstrated experience using scripting language (Python, Ruby, Shell, Perl; prefer Python)

• Experience working in large scale datacenter and cloud environments

• Excellent understanding of core network and Internet infrastructure, including TCP/IP, routing, DNS, encryption, web and email protocols, etc.

• Familiar with log analysis and event triage

• A passion for continued learning, research, and expansion of skill sets is essential to the future success of the individual in this role

• Demonstrated knowledge of information technology and security principles

Previous experience in a threat hunting role is required.

Preferred:

• Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner. Ability to set and manage expectations with senior stakeholders and team members

• Experience in pentesting and/or vulnerability scanning/assessment a plus

• Demonstrated application development/coding experience a plus

• Previous security operation or incident response experienceThe engineer will be active in keeping the pulse of malicious actors, campaigns, and other relevant activities while research and leverage all sources to formulate various theories. This position requires flexibility to occasionally work beyond standard daytime working hours, as situations warrant.