Security Threat Job Description
Security Threat Duties & Responsibilities
To write an effective security threat job description, begin by listing detailed duties, responsibilities and expectations. We have included security threat job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Threat Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Threat
List any licenses or certifications required by the position: CISSP, CEH, OSCP, SANS, GPEN, GIAC, CSTA, ECSA, ECIH, GSEC
Education for Security Threat
Typically a job would require a certain level of education.
Employers hiring for the security threat job most commonly would prefer their future employee to have a relevant degree such as a Bachelor's or College Degree in Computer Science, Information Technology, Education, Information Security, Engineering, Information Assurance, Information Systems, Technical, Military, Cyber Security
Skills for Security Threat
Desired skills for security threat include:
Desired experience for security threat includes:
Security Threat Examples
Security Threat Job Description
- Recommend and drive additional security controls to meet current and future needs
- May be engaged in other information security or risk management projects
- Use formal intelligence analysis methods to collect information about Internet-based malware-related criminal and espionage activities and the actors behind them
- Integrating QRadar with customer operations including network management and ticketing systems, and assisting customers in building operational processes around the QRadar ecosystem
- Conducting security investigations into customer incidents using QRadar Security Intelligence
- Tuning and troubleshooting QRadar to deliver optimal performance in high volume enterprise customer environments
- Configuring and troubleshooting network and security devices, various operating systems, and applications such as web, mail and database services
- Experience in administration of operating systems (Linux and Windows)
- Security certifications (Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Certified Expert Penetration Tester (CEPT), Cisco Certified Internetwork Expert (CCIE), Global Information Assurance Certification (GIAC)) are a plus
- Candidates with an active Top Secret/SCI (TS/SCI) clearance are preferred
- Command of at least one programming or scripting language, such as Python, Perl, or a .NET language
- Strong expertise with the Hadoop framework
- Experience with data science technologies
- Experience with NoSQL technologies, such as MongoDB, ElasticSearch
- Technical and industry certifications (CISSP, GIAC)
- Network Security certifications (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates) preferred
Security Threat Job Description
- Complete written reports in compliance with current reporting procedures and policies
- Active engagement on the most critical Severity 0 and Severity 1 cyber security incidents
- Complement the 24x7 SIRT in analysis, assisting Incident Response (IR) and making mitigation recommendations, as required
- Act as a subject matter expert during both active incidents and in the planning of future response and mitigation, including but not limited to mock/tabletop exercises, cross-team educational sessions, and business-wide strategy building
- Plan and execute mock and tabletop incidents to improve IR readiness
- Define incident response policies and procedures, providing recommendations to improve response capabilities and creating a framework to support activities at the time of an incident
- Act as the project coordinator for all technology projects related to Information Security
- Work with upstream engineers and security researchers investigating threats to open source software
- Conduct investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest
- Utilizing next-generation tools and technology to conduct deep behavioral analytics assessments/investigations with a focus on mitigating information security related insider threats
- 5+ years experience with Big Data analytics and other large scale data analytics
- 5+ years hands-on experience with SIEM technologies such as Splunk, QRadar, and/or LogRhythm
- 5+ years of experience with netflow analysis and/or deep packet inspection technologies
- 5+ years of experience with log aggregation, correlation, and analysis
- 5+ years of experience managing network IDS/IPS solutions
- 5+ years of cyber forensics experience
Security Threat Job Description
- Conducting investigations into identified Insider activities
- Managing case workloads
- Researching, designing, creating and implementing information security systems and procedures that utilize software and hardware systems to reduce insider threats and identify vulnerabilities
- Offer guidance and training to colleagues and support them in the use of these systems and procedures
- Utilize your already established technical skills and knowledge of the business requirements to implement and secure solutions to protect the Bank’s assets
- Selecting assessment methods, techniques and evaluation criteria to prevent current threats and mitigate future risks across multiple platforms
- Assisting in the assignment of work whilst providing support and guidance to others in the group with regard to the assessment methods used in risk remediation strategies
- Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and broad scale
- Demonstrated verbal and written communication skills
- Security certifications and an active Top Secret/SCI (TS/SCI) clearance are a plus
- Experience with host and network security concepts, such as system hardening, log management, intrusion detection & prevention systems, firewalls
- Experience investigating computer network intrusions
- Demonstrated ability to proactively hunt for threats and create viable long term solutions
- Experience with email and web advanced malware detection technologies
- Research experience in security products (malware/vulnerability detection, intrusion detection, intrusion prevention, cloud security)
- Assessment of customers' cloud security posture
Security Threat Job Description
- Participate in the calls to resolve information security incidents including internal events and targeted threats
- Collaborate with manufacturing teams to understand business constraints, identifying workable security solutions to support business challenges
- Lead initiatives to provide better security visibility into manufacturing networks
- Collaborate with manufacturing / quality leads to lead/co-lead initiatives to more closely integrate manufacturing tools and services with enterprise tools and services
- Proactive threat hunting, event collection and monitoring, and analysis of manufacturing assets and networks
- Asset discovery and integration of asset data with asset management services
- Provide guidance around architectural security solutions to support the maturation of manufacturing ops
- Collect and analyze data to create actionable intelligence that can be used to identify threats
- Refine, validate and exercise our Threat Detection and Disruption program
- Develop detection techniques to protect our evolving environment and technical offerings
- At least 1 year of experience delivering technology or architecture solution designs, with a focus on multiple product integrations
- At least 1 year of experience implementing security solutions (e.g., firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), antivirus) in enterprise environments
- MS preferred or Bachelor’s Degree with equivalent work experience and appropriate certifications
- Strong understanding of business, market and industry issues facing business or clients
- Adversary Tactics, Techniques and Procedures (TTPs)
- Indicator of Compromise (IOC) wrangling
Security Threat Job Description
- Deploy, mature and maintain our future logging tier, security information and event management (SIEM) system, and alert, triage and response pipeline
- Lead in the evolution of our protection, detection and mitigation capabilities based on experience, evolving threat environment and findings from cyber security incidents
- Develop and maintain strong relationships with key partners to create our detection and threat disruption program
- Participate in threat hunting efforts
- Proactively investigate potential information security intrusions and breaches in our corporate, production, and service provider environments by analyzing root causes and trends of incidents
- Reproduce findings and tell the forensic story in non-technical terms, preserve the forensic and analysis details sufficient for investigations or other analysts to recreate attack scenarios
- Stay abreast of adversaries, attribution, and attacker motivations utilizing both open source and US Government (USG) reporting
- Research attack patterns, threat reports, potential attackers and their Tactics, Techniques and Procedures (TTPs) and conduct risk/threat analyses
- Use automated tools to perform infrastructure vulnerability assessments, identify and resolve any false positive findings in assessment results
- Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology partners and support teams
- LogRhythm, Splunk, RSA (foundation)
- Juniper Networks experience
- Cisco CCNA, CCNA Security, CCNP
- Red Hat Certified Technician, Red Hat Certified Engineer
- ITILF (ITIL Foundation)
- Any experience working with frameworks