Cyber Threat Hunter

综合技术 2017-09-21 阅读原文

Job Description

Join Seekintoo as a Cyber Threat Hunter and transform how people think about cyber-security! For someone who understands security operations and cyber threat hunting, this opportunity positions you to illuminate the path for clients to mature thier security operations solutions and related tools and processes.

The role will involve analysis of large amounts of data from vendors and internal sources, including various indicator feeds, ArcSight, Splunk, and several threat intelligence tools, etc.

The candidate will perform the functions of threat operations and hunting and serve as the liaison for Threat Intelligence on-site in the Security Operations Center, and mentor the incident handling, incident response, and forensics teams.

What you will do:

  • Enhancing the Security Operations and Threat Intelligence workflow by redesigning process and approach to operationalize the sharing and utilization of actionable intelligence and indicators.
  • Assist in identifying (hunting) and profiling threat actors and TTPs.
  • Custom tool design to assist in analysis and investigation. (Related experience in programming, database, system administration, etc.)
  • Implementing integration/orchestration of existing security infrastructure and indicators.
  • Design and run custom analysis models on (centralized) security event information to discover active threats, including collaboration on the development of use cases when appropriate.
  • Perform as an Information Security SME in the following areas:
  • Threat Intelligence
  • Incident Response
  • Log analysis (statistical modeling, correlation, pattern recognition, etc.)
  • Microsoft platform (Server, workstation, applications)
  • Open Systems platforms (Linux, UNIX, VM Ware ESX)
  • Web Application
  • Networking (firewalls, IDS/IPS, packet capture)
  • Databases (Oracle, SQL Server, DB2, IMS)
  • ...and others.

  • Providing mentorship and support to teammates with regard to Threat Intelligence, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. Capable of identifying need & driving solutions, and providing guidance, in an autonomous manner.

Your background includes:

  • Bachelors and/or Masters Degree in Engineering, Computers Science, or related field
  • 10+ years overall technical experience in either threat intelligence, incident response, security operations, or related information security field.
  • 5+ years experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, RDBMS/NoSQL database administration, etc.
  • 2+ years experience in penetration testing, ethical hacking, exploit writing, and vulnerability management
  • Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc.
  • Strong and recent experience with malware analysis and reverse engineering.
  • Advanced experience with security operations tools, including but not limited to:
  • SIEM (e.g. Splunk, ArcSight)
  • Indicator management (e.g. ThreatConnect)
  • Link/relationship analysis (e.g. Maltego, IBM i2 Analyst Notebook)
  • Signature development/management (e.g. Snort rules, Yara rules)
  • Broad experience with various common security infrastructure tools (NIDS, HIPS, EDR, etc.)
  • Excellent analytical and problem solving skills, a passion for research and puzzle-solving.

Primary Location

Your primary work location will be our office in Calgary, AB, Canada. You will be required to travel up to 30% within Canada and the US, with a possibility of international travel up to 30%.

About Seekintoo

Seekintoo is an in-demand team of anti-hackers, who are battle tested with clients across private and public sectors. We've developed a global reputation for leading-edge cyber-security expertise, and consultants who pair knowledge of systems and infrastructure with proprietary iterative methodologies that keep hackers at bay.

Since our founding in 2012, we have successfully delivered for top Fortune 500 companies and Federal agencies in Canada. Our continued growth is a result of the talent, passion and ingenuity of our people. Seekintoo has an established a North American wide footprint with consultants in Calgary, Ottawa, Montreal and Seattle.

We are looking for full-time employees to become an integral part of our growing team. Seekintoo offers a range of great benefits including job stability, a comprehensive health care package, Paid Time Off, Paid Company Holidays, as well as other unique benefits that support our staff’s active work/life balance.

Apply Now

We're not really into traversing the quagmire of "talent acquisition" software, services, and recruiting gimmicks. If you think you have what it takes just send your cover letter and resume to careers@seekintoo.com. If we like what we see we'll call back! It doesn't mean you have to stay up by the phone, we can leave a voice mail.

责编内容by:Seekintoo blog 【阅读原文】。感谢您的支持!

您可能感兴趣的

DataOps: New Term, Similar Concepts Componentization, containers and the cloud have all converged to usher in a new era focused on “Ops.” It started with DevOps, which according to Wi...
You: The First, Last and Best Data Protection and ... As part of this two-part series, let’s now look to another exhibit demonstrating of how people act as the first, last and best data and privacy defens...
Tips to manage VMware NSX holistically as part of ... Software defined networking (SDN) offers multiple benefits, including cost reduction, centralized management, quicker application deployment, scalab...
How to Use the Backendless Real-Time Database in Y... Great news, guys! Backendless 5 is now released and it's time to show you some new features we've been working on. In this article, we will talk a...
技术决策的相对性 我想,作为一名程序员或技术人,总会碰到这样的场景 —— 在一些技术评审会上,和其他技术人产生关于技术决策的争论。大家争论的出发点是什么?而解决争论的原则又是什么? 绝对 曾几何时,我以为技术是客观的、有绝对正确与否的标准判断。 曾经,我刚开始学习编程技术时,捧着一本经典的数据库教材,它在...