Vacancy expired!
Sensiple Inc., service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website: www.sensiple.comWe have been retained for providing recruiting assistance, for direct hires, by one of the world-leading information technology consulting, services, and business process outsourcing organization that envisioned and pioneered the adoption of the flexible global business practices that today enable companies to operate more efficiently and produce more value.Sensiple, Inc. is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to gender, race, color, religion, sex, national origin, veteran or disability statusOur client is looking for a
Threat Detection Operation Lead at Plano, TXJob DescriptionPosition Title: Threat Detection Operation LeadLocation: Plano, TX (Remote Until Covid)Length: Long term ContractKey Skills: Threat Detection, Cybersecurity, Forensic, Incident Response, Threat HuntingSUMMARY:The Threat Detection Lead role focuses on creating detection logic tailored to enterprise threat landscape by using industry-specific intelligence and developed use cases. In this role the candidate is expected to work closely with Security Engineering in onboarding new data sources and with Cyber Threat Intelligence (CTI) personnel for development of relevant threat hunting and alerting use cases across various networks, while maintaining general threat detection process and platform.KEY RESPONSIBILITIES:- Conduct threat detection, incident handling and hunting activities by leveraging security best practices and current detection/response platforms.
- Classify and prioritize threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed.
- Develop use cases and create threat detection logic, rules, and alerting in SIEM for response by the Security Operations team.
- Work with leadership and stakeholders to recommend/implement processes, procedures, and technologies to improve the detection efforts.
- Operationalize Indicator of Compromise from intelligence feeds by developing, testing, and creating new alerting in the SIEM.
- Support the 24/7 Security Operations and Incident Response teams.
- 3+ years of experience in one or more of the following areas: offensive/defensive hunt techniques, malware analysis and Incident Response.
- 2+ years of experience leading a team and mentoring the team members
- Experience with content development and alert tuning.
- Expert knowledge of network monitoring and network exploitation techniques
- Ability to demonstrate analytical expertise, close attention to details, excellent critical thinking and learn and adapt quickly.
- Ability to learn and operate in a dynamic environment.
- Strong written communication skills.
- Experience working with cyber security tools and software such as Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets.
- BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems.
- Certifications such as GCFA, GREM or OSCP/OSCE
- Experience with scripting or programming languages such as Python, Bash or PowerShell.
- Experience with IOC related tools (e.g., YARA, OpenIOC)
- Experience with orchestration and automation tasks related to threat hunting and alert development.
Vacancy expired!