Vacancy expired!
- Actively involved in the security community and presenting on relevant cyber topics.
- Threat modeling new products, projects and technologies that Cox is developing and/or implementing.
- Research, develop, and evaluate defensive tactics, techniques, and procedures (TTPs) for detecting and responding to modern cyber threats, leveraging the MITRE ATT&CK framework.
- Develop, implement and/or tune detections and content for security sensors, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and network Intrusion Prevention/Detection Systems (IPS/IDS).
- Perform offensive Red Team operations, with a focus on simulating adversaries, and testing Blue Team Detection and Response processes.
- Working alongside SOC colleagues to develop requirements for new technologies and evaluate SOC tools.
- Assist with the cyber security incident response team's response efforts as needed, including as an additional point of escalation.
- Participate and contribute to industry events where knowledge on the latest TTPs and corresponding detection techniques is shared.
- Attend and present at conferences.
- Performance of other duties and responsibilities as assigned.
- 10+ years of relevant information security industry experience as part of an information security team.
- Advanced knowledge of threat landscape, malware, attack techniques, IOCs, TTPs, CSF frameworks.
- Strong knowledge of tactical security models such as the Cyber Kill Chain, MITRE ATT&CK, and diamond model analysis.
- Strong coding / scripting skills, including Python, JavaScript, and/or PowerShell.
- Red team experience, with hands-on experience performing various types of penetration tests.
- Experience building detections and content for security sensors, including Endpoint Detection and Response ("EDR"), Security Information and Event Management ("SIEM"), and network Intrusion Detection Systems ("IDS").
- Experience using Kibana or Elasticsearch.
- Experience with cloud security in environments such as Azure, AWS, P hosting environments.
- Practical knowledge of a variety of hardware, software, and cloud security controls (Firewalls, routers, switches, virtualization infrastructure, IDS/IPS, DDoS, WAF, proxy, CASB, advanced malware detection, EDR, SIEM, Threat Intelligence Platform, DLP, etc.)
- Advanced writing, communication, and presentation skills.
- Able to prioritize and execute tasks in a high-pressure environment.
- BS/BA degree preferred (e.g., Computer Science/Engineering, Business, etc.).
- Masters or other advanced degree in the field of cybersecurity.
- Telecom/Cable industry experience.
- Experience building defenses for custom or proprietary applications.
- At least one relevant industry certification: OSCP, CISSP, SANS, CISM, CRISC, CISA, CPA, GIAC.