Skype
USC only
Hybrid: 3 days onsite, Dallas, TX
Need LinkedIn profile, photo ID/passport, and the candidate's full availability for the week to schedule an evaluation; a 30-minute slot is required
What you'll do
- Builds and supports the underlying technologies used by the Cybersecurity Incident Response (CIR) groups; produces architecture, enforces process governance, and guides regulatory compliance. Technologies include security analytics platforms, SOAR, SIEM, EDR, and other detection and incident response tooling.
- Manages or assists in the management of the CIR event and information platform
- Develops playbooks and process automation using the SOAR technologies
- Assists external teams with the proper configuration of security infrastructure that CIR relies on (IDS/IPS, phishing-protection technologies, firewalls, etc.)
- Aids application teams seeking to consume threat intelligence in the appropriate tools and services
- Tunes alerts generated by all cybersecurity tooling
- Supports and maintains the endpoint detection and response tooling
- Ensures appropriate configuration and rollout of the File Integrity Monitoring solution
- Aids external teams in ingestion of asset data into CIR systems
- Is available, when needed, to manage tools during an active incident (24/7)
- Maintains and monitors platforms to ensure 24/7 readiness and operability of CIRE services
- Presents technical documentation to enterprise architecture and standardization boards
- Creates processes that allow teams without a security background to achieve regulatory compliance
- Consistently works with CIR and application teams in an iterative fashion to ensure that all security logs are monitored, complete, and accounted for
Minimum Qualifications - Education & Prior Job Experience
- Bachelor's degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
- 3 years of Information Technology Security related experience
Preferred Qualifications - Education & Prior Job Experience
- Cloud experience (IBM and/or Azure)
- Active Directory experience
- 1+ years of Software development experience
- 5+ years of Information Technology related experience
- 3+ years of scripting and automation experience
- 1+ years of building and using APIs
- 2+ years of networking experience
- 5+ years of Windows/Linux experience
- 2+ years of data engineering experience
- 1+ years of container technology experience
Skills, Licenses & Certifications
- Information Security Certification
- Ability to script in languages such as Python or JavaScript
- Knowledge of Linux/Unix, PowerShell, basic Windows administration, and Git
- Knowledge of Security Concepts, MITRE ATT&CK Framework, PCI Compliance Requirements
- Knowledge of Networking concepts, services, and protocols
- Knowledge of basic cloud security controls and architecture
- Knowledge of SIEM, EDR, SOAR Platforms, Big Data Platforms
- Experience with Agile methodologies and tools
- A solid understanding of networking, cybersecurity concepts, vulnerability identification, and cyber threat intelligence
- Must be detail oriented and well organized, thrive in a sense-of-urgency environment, leverage best practices, and, most importantly, innovate through any problem with a can-do attitude
- Aptitude in solving problems independently while also having the openness to work collaboratively
- Demonstrated problem-solving skills
- Availability to work a flexible schedule and support the incident response teams during triage
- Ability to lead a small squad of engineers to deliver sustainable, scalable, and staff-tolerant enterprise services