Vacancy expired!
- Countermeasures engineer, specializing in one or more areas of security control content development (Network IDS or Endpoint).
- Development and maintenance of content (signatures, detections, IOC/IOA/IOB) to be stored in a centralized content repository and shared with Fusion Center, deployed to security controls.
- Consuming tactical threat intelligence to assess threats, develop written threat models and deploy technical countermeasures to various security controls.
- Observing and tuning control behavior with respect to configuration (limited to threat-driven tuning, as opposed to other policy drivers).
- Building and maintaining detections/signatures content repository.
- Reviewing Fusion Center events (Splunk) to derive content use cases.
- Consuming threat intelligence to define security control content.
- Supporting the team in planning and generating documentation artifacts.
- Threat Management, Threat Mitigation, Threat Response.
- Splunk.
- Tanium (as a user).