Required/Minimum Qualifications
- 5+ years of experience in the software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
-- OR a Master's Degree in Statistics, Mathematics, Computer Science, or a related field
- In-depth knowledge of one or more of the following disciplines:
-- Windows forensics and an understanding of how to leverage forensic artifacts (Event Logs, Prefetch, Shimcache, Amcache, ShellBags, etc.) to answer key investigative questions
--- Knowledge of Windows memory forensics, Linux, and/or macOS forensics is a plus
-- Cloud forensics and the ability to investigate security incidents using the Microsoft product stack
--- Experience investigating identity-based attacks
--- Knowledge of third-party cloud providers such as AWS, GCP, etc. is a plus
-- Threat hunting and taking a proactive approach to identifying threats
--- Knowledge of threat actor tactics, techniques, and procedures (TTPs)
--- Ability to identify anomalies in a given dataset
--- Ability to correlate data from disparate data sources
- Attention to detail and an investigative mindset
-- Ability to contextualize and prioritize findings to put together a comprehensive account and briefing of the events that transpired during a security incident
- Advanced technical writing and storytelling skills, with the ability to pull together multiple disparate events into a cohesive timeline of activity and communicate it clearly
- Champion of continuous documentation of technical findings and ongoing investigation threads for fellow team members and key external stakeholders
- Excellent written and oral presentation skills, with the ability to convey complex topics to non-technical audiences
- Understanding of security products within an IT environment in multiple layers of the security stack (Antivirus, EDR, IDPS, proxy, firewall, VPN, email, etc.)
- Advanced usage of Microsoft Office, specifically PowerPoint, Excel, and Word
Additional or Preferred Qualifications
- 6+ years of experience in the software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
-- OR a Doctorate in Statistics, Mathematics, Computer Science, or a related field
- Coding/scripting experience
- Experience with third-party security products, including, but not limited to, Splunk, CrowdStrike Falcon, and QRadar
- Experience with Kusto Query Language (KQL)
- Familiarity with the MITRE ATT&CK framework
- Experience with malware analysis
- Experience with the intelligence cycle and with generating threat intelligence from investigative findings
- Experience performing large-scale investigations of advanced adversaries
- Published research (blogs, presentations, etc.) on novel threat actor TTPs
- Mentorship of junior investigators
The ability to meet Microsoft, customer, and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screening: Microsoft Cloud Background Check. This position will be required to pass the Microsoft Cloud Background Check upon hire or transfer and every two years thereafter.