Principal Security Engineer Adversary Management Threat Intelligence
Company: Intuit
Location: Plano
Posted on: March 17, 2023
Job Description:
Overview
The Intuit Adversary Management team is looking for a security
professional who has skills in and familiarity with security frameworks,
attack surfaces, big data, software development, and cloud
environments. We're using data in groundbreaking ways to uncover
insights on how adversaries' techniques, tactics and procedures
(TTPs) are emerging. This individual will help support their
team in building technologies, collecting and storing data from
various sources, and correlating and analyzing data to understand
adversaries' motives and intent. This individual will work closely
with their team to present requirements and drive solutions that
align with the Intuit Adversary Management team's mission.
What you'll bring
10+ years of experience with adversary intel collection, data
analysis, and/or security testing
BS/MS in computer science / mathematics / data science or
equivalent work experience
1+ years of experience using scripting languages, preferably
Python
1+ years of experience with web services (consuming or creating)
with REST or SOAP
Solid communication skills: Demonstrated ability to explain complex
technical issues to both technical and non-technical audiences
1+ years of experience with SQL, NoSQL, Graph data warehouses and
analysis tools.
Experience with network discovery and application
fingerprinting
Experience in researching, experimentation and innovation
Experience with social, mobile, cloud/SaaS, big data, and Linux
Experience with at least one scripting language, preferably
Python
Experience with at least one cloud environment: AWS, GCP, etc.
Familiarity with BI and analytic tools, preferably Google BigQuery
and Data Studio
Always Be Learning: Demonstrate advanced critical thinking and
trouble-shooting capabilities to assess, prioritize, plan, and
implement tasks and solutions effectively, including the ability to
manage multiple projects at a time
How you will lead
Ability to lead and develop data models to derive adversary
insights about the attack surface, and assist in identification
using behaviors and characteristics
Ability to develop data models around indicator patterns to
identify undetected adversary activity.
Understanding of moderate to advanced indicators from a given TTP's
use.
Ability to lead the collection of adversary tactics,
techniques, and procedures (TTPs) across mobile, web, and cloud
infrastructure
Ability to lead and identify and categorize moderate to advanced
TTPs to a given threat actor
Ability to lead and automate identification, categorization and
intent classification of moderate and advanced TTPs to a given
adversary
Demonstrated ability to iterate, create innovative solutions and
get stakeholder investment.
Use Big Data, AI & ML to automate threat prediction across all
attack surfaces, predict adversary infrastructure, and identify and
predict various adversaries and their intent
Can discover and walk through abuse cases specific to the choice of
technologies (internal or third party).
Ability to lead, identify and map emerging threats to the
attack surface and quantify risk.
Ability to use active and passive reconnaissance techniques to find
and enumerate networks, DNS and understand potential
vulnerabilities
Use Big Data, AI & ML to risks on the attack surface, identify
threat actors, related basic indicators, related TTPs, and to make
security decisions
Advanced understanding of the data filter/preprocessing between
non-security related data and security signals
Ability to perform moderate to advanced data QA tasks as part of
handling data feeds
Familiarity with software development lifecycle and understanding
of software design/architecture and fundamentals (algorithms and
data structures).
Strong understanding of the customer problem being solved, and
experience defining and validating the customer problem.
Moderate understanding of architecture patterns; DNS, Internet, AD,
web, messaging, storage, containers
Public Cloud: Fundamental knowledge of Cloud Networking, Cloud
Computing, Cloud File Systems, Cloud Databases, and Storage.
Proactively identifies slow performing code, understands the
execution and works with the team to improve performance of slow
performing code.
Proficient at identifying required data to solve business
problems
Builds feature engineering pipelines for prototypes
Ability to debug complex issues in data pipelines. Identifies
opportunities to add resiliency to make data pipelines stable.
Writes complex queries and can simplify existing queries to increase
runtime performance
Takes a metric-driven and data-backed approach to evaluate the
customer benefit of a solution delivery and pivots/iterates as
necessary with full accountability and ownership
Experience in building threat models and deep knowledge of
potential vulnerabilities of the systems/design/code and working
with a team to mitigate those vulnerabilities.
Builds and enhances existing code standards, finds logic errors and
bad practices in code review and provides concrete and actionable
feedback as a peer reviewer on code requests
Understands and clearly articulates implications of architectural
situations and understands impact of trade-offs
Experience working on highly complex technical challenges
delivering durable capabilities that can be leveraged by other
teams.
Deep understanding of technology evaluation for build vs partner vs
buy
EOE AA M/F/Vet/Disability. Intuit will consider for employment
qualified applicants with criminal histories in a manner consistent
with requirements of local law.
Keywords: Intuit, Plano , Principal Security Engineer Adversary Management Threat Intelligence, Executive , Plano, Texas