As a Detection & Researcher Team Lead, you will:
Lead detection, investigation and mitigation of cybersecurity incidents, including deep network traffic and data analysis
Develop and maintain scripts for data parsing, packet analysis and correlation across multiple data sources
Leverage open-source tools and frameworks to support threat attribution and research
Build and maintain integrations with APIs, threat-intel feeds and big-data platforms to enhance visibility and detection capabilities
Document research findings, detection methods and analysis techniques for technical and non-technical stakeholders.
Lead detection, investigation and mitigation of cybersecurity incidents, including deep network traffic and data analysis
Develop and maintain scripts for data parsing, packet analysis and correlation across multiple data sources
Leverage open-source tools and frameworks to support threat attribution and research
Build and maintain integrations with APIs, threat-intel feeds and big-data platforms to enhance visibility and detection capabilities
Document research findings, detection methods and analysis techniques for technical and non-technical stakeholders.
Requirements:
2+ years of managerial experience as a team leader and/or tech lead
At least 2 years of experience in incident response, SOC operations, or a related cybersecurity role
Strong knowledge of networking fundamentals and the MITRE ATTACK framework
Experienced in working across multiple interfaces, coordinating effectively between teams and stakeholders to ensure seamless execution
Programing/scripting experience in one or more languages, e.g., Python, Go, Ruby, Bash, PowerShell or Java
Experience with Big Data analysis platforms and security monitoring tools for log analysis and investigation
Practical experience with OSINT (Open-Source Intelligence) tools and methodologies for threat hunting, attribution or intelligence gathering
It would be great if you also have:
Experience responding to incidents in large-scale or complex environments
Hands-on experience with cloud-based infrastructure
Prior work in operational security or a related discipline.
2+ years of managerial experience as a team leader and/or tech lead
At least 2 years of experience in incident response, SOC operations, or a related cybersecurity role
Strong knowledge of networking fundamentals and the MITRE ATTACK framework
Experienced in working across multiple interfaces, coordinating effectively between teams and stakeholders to ensure seamless execution
Programing/scripting experience in one or more languages, e.g., Python, Go, Ruby, Bash, PowerShell or Java
Experience with Big Data analysis platforms and security monitoring tools for log analysis and investigation
Practical experience with OSINT (Open-Source Intelligence) tools and methodologies for threat hunting, attribution or intelligence gathering
It would be great if you also have:
Experience responding to incidents in large-scale or complex environments
Hands-on experience with cloud-based infrastructure
Prior work in operational security or a related discipline.
This position is open to all candidates.
