Secureworks® (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience. www.secureworks.com
Role Overview
The Threat Hunter is focused on protecting our Taegis ManagedXDR Elite customers by using a variety of tools and techniques to gather, classify, enrich, and tune suspicious and malicious activity. To accomplish this, the Triage Hunter must be able to research, evaluate, and stay current on emerging tools, techniques, and technologies. They are expected to act as a mentor, working side by-side with other personnel in an advisory, support, and training role to enhance security effectiveness & efficiency of the Security Operations Center (SOC). They will be leading security thought & innovation both internal to Secureworks and across the industry.
Role Responsibilities:
- Review and Triage alerts from various platforms reporting into Taegis and determine whether they are benign or warrant further investigation.
- Create countermeasure tuning requests.
- Conduct Threat Hunts across the ManagedXDR Elite customer base using a variety of tools and methodologies.
- Contributes to the development of new techniques and plans within area of expertise.
- Continually learn and develop through awareness and study of information security events, techniques, and threat actor TTP’s.
- Assumes ownership in problem resolution striving for customer satisfaction.
- Proactively work to document and minimize operational and client impacting issues that arise during day-to-day operations. Develop innovative and creative recommendations that improve customer outcomes.
- Provides mentorship to teammates guiding their career development.
- Actively contribute to internal projects per assignments received from the manager in alignment with own knowledge, skills, and workload.
- Capable of cross-organizational teaming in support of business advancement.
Knowledge requirements
- Thorough understanding of Threat Hunting methodologies.
- Familiarity of Python, python data science modules and Jupyter Notebooks.
- Knowledge of adversarial attack methods and technologies.
- Knowledge and application of endpoint and network security.
- In-depth disciplinary knowledge combined with advanced experience.
- Advanced understanding of Security Devices.
- Advanced understanding of Application, Network & Operating System Security vulnerabilities.
- Preferred: GCIA, GCFA, OSCP or equivalent.
Skills & Competencies
- 5-8 years of relevant experience or equivalent combination of education and work experience.
- BA/BS in engineering/computer science preferred.
- Excellent written and verbal communication skills with both technical and non-technical individuals.
- Self-Initiative and ability to successfully manage your time to meet the various demands of the role with minimal leadership oversight.