Jobs · Engineering

Sr. Cyber Threat Engineer

LevelBlue · United States · 3 wk ago
RemoteRemoteEngineeringFull-time

About the role

A Sr. Cyber Threat Engineer is a member of Global Threat Operations for LevelBlue Managed Security Services (MSS). In addition to possessing technical knowledge and leading delivery of complex technical issues, a Sr. Engineer interacts extensively with Cyber Threat Analysts and Engineers, customers, partners, and other internal organizations using professional etiquette—serving as a liaison for threat management services as well as an escalation point within GTO.

Responsibilities

  • Use strong operating system, TCP/IP networking, and application skills to perform analysis and understand detected threats.
  • Analyze and respond to security events from firewalls, EDR, IDS, IPS, SIEM (Qradar, Splunk, ArcSight, LogRhythm), Web Application Firewall (WAF) and other security data sources within documented SLA.
  • Monitor and respond within service level agreement (SLA) standards to customer tickets and threats requiring incident notification.
  • Tune devices for proactive blocking and detection based on customer business need.
  • Configure, manage, and upgrade protection policies for Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), Security Information and Event Monitoring (SIEM) platforms, and Endpoint Detection & Response Platforms.
  • Tune threat detection and protection devices for unique customer environments.
  • Create, improve, and document processes for the management and monitoring of security solutions.
  • Demonstrate leadership in all areas of the customer service engagement.
  • Manage tasks and projects to meet the goals of the MSS & GTO organizations.
  • Organize and facilitate technical meetings with customers and internal organizations.
  • Maintain knowledge of industry-wide attacks and the current threat environment.
  • Demonstrate leadership to GTO & LevelBlue staff and customers.
  • Create, improve, and document processes for the management and monitoring of security solutions.
  • Take responsibility for customer satisfaction and overall success of managed services.
  • Respond to needs and questions of customers in a polite, positive, and professional manner concerning their managed services, managed devices and detected threats.
  • Adhere to policies, procedures, and security best practices.
  • Act as a mentor and escalation point for analysts and engineers within GTO.
  • Develop training plans to elevate the performance of analysts.
  • Lead projects to develop new service offerings and integrate new technology to services portfolio.
  • Work with internal engineering teams to facilitate new features and functions.
  • Collect and report data trending across multiple products and customers.
  • Provide input and guidance on new product development.
  • Act as both team and thought leader to junior threat team members within region and interact with peer leads and management across regions.
  • Understand big picture security and threat landscape, concerns and motivations.
  • Collaborate with management on process improvement, documentation and definition for threat analysis and classification.
  • Foster a culture of growth and development within the teams.
  • Actively recognize and reward team members for actions above and beyond.

Requirements

  • Must have skills/knowledge in some of the following: Project and Queue Management, SOC Operations / Management, Endpoint Detection & Response, Security Information and Event Management (SIEM), Unix / Linux and Windows system administration, Information security best practices & network security architecture, Signature based security products, Current exploit and remediation techniques, TCP/IP networking, Vulnerability Scanning technologies, Log collection and analysis tools, Threat Intelligence, Incident Response / Forensics, Payment Card Industry (PCI) Standards.

Skills

  • Project and Queue Management
  • SOC Operations / Management
  • Endpoint Detection & Response
  • Security Information and Event Management (SIEM)
  • Unix / Linux and Windows system administration
  • Information security best practices & network security architecture
  • Signature based security products
  • Current exploit and remediation techniques
  • TCP/IP networking
  • Vulnerability Scanning technologies
  • Log collection and analysis tools
  • Threat Intelligence
  • Incident Response / Forensics
  • Payment Card Industry (PCI) Standards

Desired Experience

  • 7 or more years of information security or networking experience
  • Previous operational experience as an analyst or senior engineer
  • Excellent customer service skills
  • Excellent analytical thinking and problem-solving skills
  • Strong oral and written communication skills
  • Self-managed and team oriented; a great coach and teacher
  • Responsive and collaborative
  • Deadline and detail oriented; highly motivated
  • Leadership & management experience

Education

  • A high school diploma or equivalent is required; a college or university degree is a plus.

Benefits and Perks

  • Comprehensive medical, dental, and vision insurance.
  • 401(k) with employer matching.
  • Generous paid time off and holidays.
  • Flexible spending accounts and health savings accounts.
  • Employee assistance programs.
  • Training and development opportunities.
  • Adoption assistance program.

Similar jobs

Sr Cybersecurity Engineer

GM FinancialIrving, TX· 2 days ago
Information Technologyapply on fa-exvu-saasfaprod1.fa.ocs.oraclecloud.com