Sr. Cyber Threat Engineer
LevelBlue · United States · 3 wk ago
RemoteRemoteEngineeringFull-time
About the role
A Sr. Cyber Threat Engineer is a member of Global Threat Operations for LevelBlue Managed Security Services (MSS). In addition to possessing technical knowledge and leading delivery of complex technical issues, a Sr. Engineer interacts extensively with Cyber Threat Analysts and Engineers, customers, partners, and other internal organizations using professional etiquette—serving as a liaison for threat management services as well as an escalation point within GTO.
Responsibilities
- Use strong operating system, TCP/IP networking, and application skills to perform analysis and understand detected threats.
- Analyze and respond to security events from firewalls, EDR, IDS, IPS, SIEM (Qradar, Splunk, ArcSight, LogRhythm), Web Application Firewall (WAF) and other security data sources within documented SLA.
- Monitor and respond within service level agreement (SLA) standards to customer tickets and threats requiring incident notification.
- Tune devices for proactive blocking and detection based on customer business need.
- Configure, manage, and upgrade protection policies for Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), Security Information and Event Monitoring (SIEM) platforms, and Endpoint Detection & Response Platforms.
- Tune threat detection and protection devices for unique customer environments.
- Create, improve, and document processes for the management and monitoring of security solutions.
- Demonstrate leadership in all areas of the customer service engagement.
- Manage tasks and projects to meet the goals of the MSS & GTO organizations.
- Organize and facilitate technical meetings with customers and internal organizations.
- Maintain knowledge of industry-wide attacks and the current threat environment.
- Demonstrate leadership to GTO & LevelBlue staff and customers.
- Create, improve, and document processes for the management and monitoring of security solutions.
- Take responsibility for customer satisfaction and overall success of managed services.
- Respond to needs and questions of customers in a polite, positive, and professional manner concerning their managed services, managed devices and detected threats.
- Adhere to policies, procedures, and security best practices.
- Act as a mentor and escalation point for analysts and engineers within GTO.
- Develop training plans to elevate the performance of analysts.
- Lead projects to develop new service offerings and integrate new technology to services portfolio.
- Work with internal engineering teams to facilitate new features and functions.
- Collect and report data trending across multiple products and customers.
- Provide input and guidance on new product development.
- Act as both team and thought leader to junior threat team members within region and interact with peer leads and management across regions.
- Understand big picture security and threat landscape, concerns and motivations.
- Collaborate with management on process improvement, documentation and definition for threat analysis and classification.
- Foster a culture of growth and development within the teams.
- Actively recognize and reward team members for actions above and beyond.
Requirements
- Must have skills/knowledge in some of the following: Project and Queue Management, SOC Operations / Management, Endpoint Detection & Response, Security Information and Event Management (SIEM), Unix / Linux and Windows system administration, Information security best practices & network security architecture, Signature based security products, Current exploit and remediation techniques, TCP/IP networking, Vulnerability Scanning technologies, Log collection and analysis tools, Threat Intelligence, Incident Response / Forensics, Payment Card Industry (PCI) Standards.
Skills
- Project and Queue Management
- SOC Operations / Management
- Endpoint Detection & Response
- Security Information and Event Management (SIEM)
- Unix / Linux and Windows system administration
- Information security best practices & network security architecture
- Signature based security products
- Current exploit and remediation techniques
- TCP/IP networking
- Vulnerability Scanning technologies
- Log collection and analysis tools
- Threat Intelligence
- Incident Response / Forensics
- Payment Card Industry (PCI) Standards
Desired Experience
- 7 or more years of information security or networking experience
- Previous operational experience as an analyst or senior engineer
- Excellent customer service skills
- Excellent analytical thinking and problem-solving skills
- Strong oral and written communication skills
- Self-managed and team oriented; a great coach and teacher
- Responsive and collaborative
- Deadline and detail oriented; highly motivated
- Leadership & management experience
Education
- A high school diploma or equivalent is required; a college or university degree is a plus.
Benefits and Perks
- Comprehensive medical, dental, and vision insurance.
- 401(k) with employer matching.
- Generous paid time off and holidays.
- Flexible spending accounts and health savings accounts.
- Employee assistance programs.
- Training and development opportunities.
- Adoption assistance program.