We are searching for a Content Management L3 who will be responsible for identifying, prioritizing, implementing, testing and tune threat detection use cases within the SIEM. Create alerts and reports for Threat Monitoring (SOC) and various stakeholders.
• Partner with Threat Intelligence to align detection strategy with threat model and MITRE ATT&CK framework.
• Partner with purple team, various security, risk, IT and business professionals to drive threat detection goals.
• Measure effectiveness and coverage of detection use cases.
• Participate in alert creation in various security controls such as EDR, IDS, Cloud, email gateways, etc. Analyze, influence, and recommend.
• Experience implementing and validating threat detection alerts/reports.
• Knowledge of adversarial tactics, techniques, and procedures – ability to create detective controls
• Knowledge of cyber threat intelligence.
• Knowledge of IT architecture and operations (computing, network, storage & cloud).
• Knowledge of security control technologies.
Education Requirements & Experience
• BS in Cyber Security, Information Technology, Computer Science or relevant experience.
• 3-6 years in a cyber security skill role – SIEM Content Engineer, Incident Response,
SOC Tier 3 Analyst, Threat Hunter, Penetration testing, etc.