Key Responsibilities include:
Threat Modeling and Remediation Planning:
- Develop and maintain threat models to identify, assess, and mitigate potential security risks across the organization’s infrastructure.
- Collaborate with cross-functional teams to understand business processes, systems, and data flows for accurate threat modeling.
- Provide detailed remediation advice and planning to mitigate identified threats and vulnerabilities.
- Work closely with the incident response team to ensure effective handling of security incidents based on threat models.
Threat Hunting and Detection:
- Conduct proactive threat hunting activities to identify malicious activities, potential threats, and vulnerabilities within the organization’s network and systems.
- Develop and implement new detection strategies and tools to identify and respond to emerging threats.
- Analyze threat intelligence data to identify trends, patterns, and indicators of compromise (IOCs) to improve detection capabilities.
- Regularly update detection mechanisms based on new intelligence and emerging threats.
Vulnerability Proof of Concept and Offensive Tooling Knowledge Transfer:
- Perform proof of concept (PoC) testing on vulnerabilities to assess the potential impact and validate security controls.
- Develop and document PoC scripts and methodologies for identified vulnerabilities to enhance understanding and response strategies.
- Provide training and knowledge transfer to the blue team on offensive tooling, including the use and detection of tools used by adversaries.
- Assist in the development of defensive tactics and techniques by leveraging insights gained from offensive tool usage.
Collaboration and Reporting:
- Collaborate with the blue team and other security teams to enhance the organization’s overall security posture.
- Prepare detailed reports and presentations on threat modeling, hunting activities, PoC findings, and detection proposals.
- Communicate complex technical information to non-technical stakeholders to ensure a clear understanding of security risks and mitigation strategies.
Required Skills and Experience:
- Bachelor’s degree in Computer Science, Information Security, or a related field; or equivalent experience.
- 3+ years of experience in cybersecurity, with a focus on threat modeling, threat hunting, vulnerability assessment, or incident response.
- Strong understanding of cybersecurity principles, threat landscapes, and offensive and defensive security techniques.
- Hands-on experience with threat modeling methodologies, such as STRIDE, PASTA, or ATT&CK.
- Proficiency in using cybersecurity tools for threat hunting, vulnerability assessment, and penetration testing (e.g., SIEM, IDS/IPS, EDR, Nmap, Metasploit).
- Experience in developing and conducting proof of concepts for vulnerabilities and security controls.
- Familiarity with offensive security tools and techniques, such as exploitation frameworks, malware analysis, and red teaming.
- Strong analytical and problem-solving skills with the ability to think like an adversary.
- Excellent communication skills, with the ability to articulate complex security issues to diverse audiences.
Preferred Skills:
- Relevant cybersecurity certifications (e.g., CISSP, CEH, OSCP, GCIH).
- Experience with scripting and automation (e.g., Python, PowerShell, Bash).
- Knowledge of cloud security and securing cloud-based environments (AWS, Azure, GCP).
- Experience working in a SOC or with incident response teams.