Cybersecurity Threat Detection

Company: Sensiple Inc.
Location: Plano
Posted on: February 26, 2021

Job Description:

Job Description SUMMARY The Threat Hunter creates detection logic tailored to enterprise threat landscape using industry-specific intelligence and developed use cases. Maintains data source catalog containing information on indicators, correlations and existing detection logic. Works closely with Security Engineering in onboarding new data sources and with Cyber Threat Intelligence (CTI) personnel for development of relevant use cases across various Toyota networks while maintaining general CFC collaboration. KEY RESPONSIBILITIES Experience in threat hunting utilizing statistical and anomaly analysis. Experience applying current trends identified via Cyber Threat Intelligence to threat hunt in enterprise environments. Develop use cases and create threat detection logic, rules, and alerting in SIEM for response by IR analysts Work with Incident ResponseDetect to identify and recommend new internal and external data sources to develop additional threat detection logic Analyze threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources and recommends rules and other process changes to protect against the same Operationalize Indicator of Compromise from intelligence feeds by developing, testing, and deploying monitoring and alerting rules into SIEM. MINIMUM QUALIFICATION BABS or MAMS in Engineering, Computer Science, Information Security, or Information Systems required 3 years of experience in one or more of the following areas offensivedefensive hunt techniques, offensive zero-day exploit activities, malware identification methods 2yrs experience leading a team and mentoring the team members Experience with content development and tuning dashboard Expert knowledge of network monitoring and network exploitation techniques Experience with common attack vectors, including advanced adversaries (nation statefinancial motivation) Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs and forceful browsing Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly Ability to learn and operate in a dynamic environment Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB Strong written communication skills Experience working with cyber security tools and software such as Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets PREFFERED QUALIFICATION Desired certifications include, Security, CEH, GCIA, GCIH, CISSP or similar Experience with scripting or programming, including Perl, Python, C, C++, C, Java, BashShell, PowerShell or Batch Experience developing detection logic for enterprise SIEM systems Experience in IOD database MISP Experience with exploitation techniques and use case development Experience with IOC datasets (e.g., YARA, OpenIOC) Thanks and Regard, Sukriti Email Id mailto ( Ext 582 555 US Highway 1 S, Ste 330, Iselin, NJ, 08830 Go Green Please do not print this e-mail unless necessary

Keywords: Sensiple Inc., Plano , Cybersecurity Threat Detection, Other , Plano, Texas