Specialist, Security Engineering & Threat Management

We are in need of an intermediate level security specialist to join our dynamic Global Cybersecurity Services Team. This role will play a pivotal part in enriching our security technology stack, creating AI-powered security automation workflows, and contributing to security operations and threat management.

We are establishing an up-to-date, multi-cloud, intelligence-focused security operations capability that will heavily emphasize AI and automation, demanding engineering and operational skills across all levels.

Responsibilities

• Review and investigate Threat Alerts in depth, conducting thorough analyses of alerts received by security operations, and investigating root causes proficiently using various tools.
• Engage in Security Engineering by developing, enhancing, and managing our security operations technology stack, including cutting-edge SIEM and SOAR solutions. Enhance security logging and detection engineering practices and manage detection use case life cycle.
• Collect Threat Intelligence from a variety of sources such as OSINT, dark web forums, commercial feeds, and internal telemetry, and analyze the gathered data.
• Analyze threats by assessing threat actor capabilities, motivations, TTPs, conducting targeted attack and attribution analyses, and providing recommendations to improve global security programs or specific security control domains.
• Translate Threat Intelligence into actionable outcomes, encompassing operational, tactical, and strategic intelligence.
• Collaborate with other security stakeholders to contextualize threats, offer CTI insights during incidents, and prioritize defensive actions.
• Lead Security Projects and initiatives involving Endpoint Security enhancements, Threat Hunting, Compromise Assessments, and Network/Endpoint security reviews.
• Showcase Leadership skills by engaging in cross-functional leadership, stakeholder management, and contributing to team growth and capability.

Requirements

• Possess 5-7 years of Information Security experience, with hands-on technical expertise in various security domains like Security Engineering, Security Operations, Cyber Threat Intelligence, Digital Forensics, Incident Response, Endpoint Security, or Cloud Security.
• Hands-on experience with SIEM, EPP/EDR/XDR, SOAR, Threat Intelligence Platforms (TIPs), and Open Source Threat Intelligence solutions.
• Experience working in Cloud environments such as AWS, Azure, and GCP.
• Work experience in Cyber Threat Intelligence roles like Analyst, Engineer, or Consultant.
• Practical experience in implementing operational, tactical, and strategic threat intelligence.
• Demonstrated expertise in applying AI/ML in cybersecurity scenarios.
• Proficiency in using scripting languages for automating tasks, data manipulation, or programming.
• Self-motivated individual with great attention to detail and focus on outcomes.
• Proficient in verbal and written English communication.