Security Intelligence Engineer
About the Job
The Team is responsible for responding to and managing customer and platform security incidents and researching threat tactics, techniques, and procedures. You will be exposed to a myriad of web architectures protected by the company's application delivery and security service networks. You will identify the changing landscape of adversarial actions and tailor defenses to match them, and react to ongoing incidents. You will train other responders to enable global scalability, and tackle the hardest challenges of internet web security. You will be exposed to new technologies and ideas and be expected to learn them quickly and then be able to teach them to others. You will find your ideas challenged and have to defend them with sound logic and evidence – and have the pleasure of working with others held to the same standards.
This individual will be responsible for quality assurance and contributing to threat intelligence services within the organization. This individual will be focused on deep packet inspection, DDoS botnet validation, security research, proactive intelligence framework monitoring and protection, and will participate in tool development within the research environment. This position will also be responsible for forensic cases as assigned, and will participate in all research papers that are published by the company, including Threat Advisories, White Papers, and post-mortem incident reports.
The team focuses on managing the response to customer web security and infrastructure incidents as a Tier 3 Subject Matter Expert (SME) augmentation to existing CCare Tiers 1 and 2, coordinating responses across incidents, and researching threat tactics, techniques, and procedures (TTPs) in order to apply the correct response to an attack.
- Generate new research associated with new trends in attack tools, and standardize configurations to protect against them.
- Applied research: Detect, analyze and prevent attacks through fingerprinted rule sets of current attack vectors.
- Analyze and articulate risks to web infrastructure.
- Read configurations to identify and potentially recommend areas for improvement.
- Assist with critical incident response efforts, including coordination, communication, and resolution.
- Provide threat briefings and product capabilities as part of pre-sale, post-sale, integrations, and incidents.
- Work with a team of Security Intelligence Response Engineers to develop research tools using scripting languages such as Python, Perl, Ruby, etc.
- Bachelor's degree in engineering, mathematics, computer science, or related fields, or 2yrs qualifying work experience.
- Minimum of 3yrs experience with various computer operating systems (such as: Windows, MacOS, or UNIX).
- 2+yrs of experience with creating customer/public documentation.
- 2+yrs in a customer/public facing role.
- 2+yrs of experience with internet technologies and fundamental protocols such as HTTP, TCP/IP, and DNS.
- Fluent in English (additional languages a plus)
- Must be capable of independently solving complex technical problems without direct supervision.
- Must be able to communicate clearly and effectively verbally and in writing to both technical and business audiences in English.
- Experience in several different web-based defensive frameworks.
- Experience with Web Application Firewall rules writing, tuning, and event/log management.
- Successful completion of web security challenges such as those on HackThisSite.org, OWASP's WebGoat, or Google's Gruyere.
- Thorough hands-on understanding of web-based application attacks and defenses including the OWASP Top 10.
- Must possess excellent technical aptitude and a desire to learn constantly.
- Extensive exposure to security technologies, processes, and concepts such as PKI, SSL, Authentication & Authorization, PCI, Attack Proxies, Static Code Analysis.
- Knowledge of working with Security Information and Event Management (SIEM) solutions.
- Experience assessing and hardening security configurations for operating systems, applications and services.
- Experience with network topologies / design: routing, switching, and MPLS.
- Ability to reverse engineer malicious binaries.