Specialist, Security Engineering & Threat Management

We are in search of an intermediate level security specialist to join our Global Cybersecurity Services Team. The role will focus on strengthening our security technology stack, developing AI-powered security automation workflows, and contributing to security operations and threat management within our innovative cybersecurity operating model.

We are in the process of creating a modern, intelligence-driven security operations capability that will heavily leverage AI and automation, necessitating engineering and operational expertise across all levels.

Responsibilities

• Conduct in-depth reviews and investigations of threat alerts received by security operations, involving log examination and root cause analysis utilizing various tools such as EPP/EDR/XDR software, Digital Forensics tools, and SIEM platforms.
• Engage in security engineering activities by constructing, sustaining, and improving our security operations technology stack which includes advanced SIEM and SOAR solutions. Develop and enhance security logging and detection engineering practices while managing the lifecycle of detection use cases. Strive for automation and the integration of AI into workflows.
• Collect and analyze threat intelligence data from a variety of sources like OSINT, dark web forums, commercial feeds, and internal telemetry.
• Analyze threat actors' capabilities, motivations, TTPs, perform targeted attack and attribution analysis, and provide recommendations for enhancing the global security program and specific security control areas.
• Convert intelligence (operational/tactical/strategic) into actionable outcomes.
• Collaborate with other security stakeholders to provide context on threats, share CTI insights during incidents, and help in prioritizing defensive measures.
• Take charge of projects and initiatives such as Endpoint Security improvements, Threat Hunting, Compromise Assessments, and Network/Endpoint security evaluations.
• Demonstrate proficiency in cross-functional leadership, stakeholder management, and show readiness to mentor and contribute to the team's growth and capability.

Requirements

• 5-7 years of experience in Information Security with technical hands-on practice in various areas like Security Engineering, Security Operations, Cyber Threat Intelligence, Digital Forensics, Incident Response, Endpoint Security, or Cloud Security.
• Practical experience with SIEM, EPP/EDR/XDR, SOAR, Threat Intelligence Platforms (TIPs), and Open Source Threat Intelligence solutions.
• Hands-on exposure to Cloud environments like AWS, Azure, and GCP.
• Direct experience in Cyber Threat Intelligence roles (Analyst, Engineer, Consultant).
• Proficiency in operational, tactical, and strategic threat intelligence implementations.
• Ability to utilize AI/ML in cybersecurity scenarios effectively.
• Skilled in using scripting languages for task automation and data manipulation.
• Self-driven, detail-oriented, and committed to achieving desired outcomes.
• Fluent in both verbal and written English.