Threat hunter
1 month ago
Secureworks® (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, Saa S security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience. www. Secureworks. Com We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team. Role Overview The Threat Hunter is focused on protecting our Taegis Managed XDR Elite customers by using a variety of tools and techniques to gather, classify, enrich, and tune suspicious and malicious activity. To accomplish this, the Triage Hunter must be able to research, evaluate, and stay current on emerging tools, techniques, and technologies. They are expected to act as a mentor, working side by-side with other personnel in an advisory, support, and training role to enhance security effectiveness & efficiency of the Security Operations Center (SOC). They will be leading security thought & innovation both internal to Secureworks and across the industry. Role Responsibilities: Review and Triage alerts from various platforms reporting into Taegis and determine whether they are benign or warrant further investigation. Create countermeasure tuning requests. Conduct Threat Hunts across the Managed XDR Elite customer base using a variety of tools and methodologies. Contributes to the development of new techniques and plans within area of expertise. Continually learn and develop through awareness and study of information security events, techniques, and threat actor TTP’s. Assumes ownership in problem resolution striving for customer satisfaction. Proactively work to document and minimize operational and client impacting issues that arise during day-to-day operations. Develop innovative and creative recommendations that improve customer outcomes. Provides mentorship to teammates guiding their career development. Actively contribute to internal projects per assignments received from the manager in alignment with own knowledge, skills, and workload. Capable of cross-organizational teaming in support of business advancement. Knowledge requirements Thorough understanding of Threat Hunting methodologies. Familiarity of Python, python data science modules and Jupyter Notebooks. Knowledge of adversarial attack methods and technologies. Knowledge and application of endpoint and network security. In-depth disciplinary knowledge combined with advanced experience. Advanced understanding of Security Devices. Advanced understanding of Application, Network & Operating System Security vulnerabilities. Preferred: GCIA, GCFA, OSCP or equivalent. Skills & Competencies5-8 years of relevant experience or equivalent combination of education and work experience. BA/BS in engineering/computer science preferred. Excellent written and verbal communication skills with both technical and non-technical individuals. Self-Initiative and ability to successfully manage your time to meet the various demands of the role with minimal leadership oversight. Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.