Threat Engineer

Overview

Remote
$75 - $100
Contract - W2
Contract - Independent

Skills

cyber security
threat
Kusto Query Language (KQL)
Azure
Defender
Sentinel
TS Clearance
threat hunting
penetration testing
security

Job Details

We are looking for a Threat Engineer to join our talented Center of Excellence team. This team is responsible for leading the development and implementation of automation strategies to improve the efficiency and effectiveness of our MDR Module and supporting artificial intelligence in our Cyber Defender Platform.
Responsibilities:

  • Collaborate with R&D engineering team members to develop, build, track, and maintain operational systems, projects and tools.
  • Support R&D projects, adhering to project timelines and milestones.
  • Contribute to the creation of prototypes, proof-of-concepts and innovative solutions that align with industry best practices.
  • Assist in testing and evaluations of developed solutions to validate performance and effectiveness.
  • Document research findings and technical best practices to improve future product development.
  • Assist with root cause analysis on mature product issues.
  • Remain up to date on Microsoft technologies, APIs and offerings that can enhance our solutions and product value to clients.
  • Develop custom signatures, custom analytics rules, and assess threat data from different sources.
  • Process, organize, analyze, and assist in the contextualization of incident indicators.
  • Act as subject matter expert for emerging trends in the cyber threat landscape.
  • Conduct threat hunting and cyber incident response.

Requirements:

  • Be a self-starter who is able to manage their time and work effectively.
  • Familiarity with the MITRE ATT&CK and D3FEND frameworks as well as the Lockheed Martin Cyber Kill Chain
  • A working knowledge and understanding of Kusto Query Language (KQL)
  • Working knowledge of Azure, Azure Sentinel, Azure Monitor, and Microsoft Defender
  • Excellent written, oral communication, and presentation skills
  • Strong problem-solving skills and ability to design innovative solutions to complex challenges
  • High learning agility and willingness to learn new technologies, programming languages, and tools
  • Ability to communicate and collaborate effectively with cross-functional teams
  • Desired Certifications: Security+, Blue Team L1, CySA+, PenTest+, CASP+, OSCP, GIAC, PJPT, PNPT, SC-200, SC-300, SC-400, AZ-500, MS-500, CISSP
  • TS clearance

Qualifications:

  • Bachelor's degree in Business, Computer Science, Information Systems, Cybersecurity, or a related field, or demonstrable comparable professional programming experience
  • Familiarity with cyber security concepts, principles, and industry trends
  • Proficiency in programming languages such as Python, Go, or Java for software development
  • 3+ years' experience in a technical capacity, preferably in a role related to any of the following disciplines: senior security operations analyst, incident response, network monitoring or analysis, intrusion or anomaly detection analysis, threat hunting, threat attribution assessment, penetration testing, etc.

No third parties