Cyber Threat Hunter - Wells Fargo United States Bookmark Share Print 675 1 14

Listing Description

At least 10 years or more in cyber security

Threat Hunt

Incident Response

Splunk experience and SPL

Advanced Information Security technical skills

Proficient in working with systems, networks, and application vulnerability testing

Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats

Experience working in a large enterprise environment

Ability to execute in a fast paced, high demand, environment while balancing multiple priorities

Knowledge and understanding of banking or financial services industry

Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions

Knowledge and understanding of malware reverse engineering including: code or behavior analysis for endpoints and the network

3+ years of Linux experience

Experience analyzing large data setsDuties include creating, improving, and delivering events of interest from both upstream security tools and big data solutions for the benefit of the Cyber Security teams. The ideal candidate will have extensive experience in network-focused forensics and threat hunting utilizing both Deep Packet Inspection (i.e. full packet capture) and EDR solutions. The ideal candidate will additionally have a well-rounded background in endpoint/network defenses and security incident response, as well as some offensive security knowledge to allow the ability to think like an adversary. Polished verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during the work to visualize, investigate, contain, and conclude a security incident. The candidate will play a major role in our cyber threat hunt automation efforts, including the vetting of new models and procedures to identify and react to anomalous network and/or endpoint behaviors.

Threat hunting efforts will be focused primarily on identifying advanced threats that are not detected via traditional security tools. Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, Threat Detection Services, and the Offensive Security Research Team will be critical to success. This position is designed to assure success in our next-generation ability to discover and react to advanced security threats.