Principal, Cyber Defense
Contract To Hire
"Principal, Cyber Defense"
with one of our direct clients in
for initial contract duration of
No third party candidates considered for this position. US citizens and all those authorized to work in the US are encouraged to apply.
What You’ll Do:
- Be actively involved in the security community and will present on relevant cyber topics.
- Responsible for threat modeling new products, projects and technologies that Client is developing and/or implementing.
- Research, develop, and evaluate defensive tactics, techniques, and procedures (TTPs) for detecting and responding to modern cyber threats, leveraging the MITRE ATT&CK framework.
- Develop, implement and/or tune detections and content for security sensors, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and network Intrusion Prevention/Detection Systems (IPS/IDS).
- Perform offensive Red Team operations, with a focus on simulating adversaries. You’ll also test Blue Team Detection and Response processes.
- Work alongside SOC colleagues to develop requirements for new technologies and evaluate SOC tools.
- Help out with cyber security incident response teams response efforts as needed, including as an additional point of escalation.
- Take part and contribute to industry events where knowledge on the latest TTPs and corresponding detection techniques is shared.
- Have the opportunity to attend and present at conferences.
What’s In It For You:
Really good question, and we have some good answers that we hope you like.
We want you to feel cared for and respected (like you do for our customers), and that starts with Client highly competitive pay and other compensation perks (401k + company matching, comprehensive medical benefits, etc.). We also offer Client discounted services, tuition reimbursement for academic pursuits, adoption assistance, paid time off to volunteer, childcare and eldercare resources, pet insurance and much more.
Good work should be rewarded, and not just with a healthy paycheck. The Client culture is one that values people more than technology, so its our goal to make sure you feel recognized for your contributions. Its also important to work alongside colleagues who get you.” At Client, youll find a workplace where relationships are crafted with care and successes are celebrated with high fives. We strive to create an environment where you can do you, and everyone from leadership to new hires can support and feel supported.
Growth is a good thing, and youll have opportunities to learn and train so you can sharpen your skills and explore opportunities across the Client family of businesses that will continue to challenge and empower you. In the future, you may have the opportunity to cultivate customer relationships in other sectors where we operate like cleantech, health care and new forms of transportation mobility.
Who You Are?
This is an incredibly important role, and with a title like Cyber Defense comes quite a few requirements. Here are some of the basic requirements that will assure you’re on track for this opportunity:
- 10+ years of relevant information security industry experience as part of an information security team.
- Advanced knowledge of threat landscape, malware, attack techniques, IOCs, TTPs, and CSF frameworks.
- Solid knowledge of tactical security models such as the Cyber Kill Chain, MITRE ATT&CK, and diamond model analysis.
- Hands-on Red team experience, and know how to perform a variety of penetration tests.
- Experience with building detections and content for security sensors, including Endpoint Detection and Response (EDR”), Security Information and Event Management (SIEM”), and network Intrusion Detection Systems (IDS”).
- Experience using Kibana or Elastic Search, as well as cloud security in environments such as Azure, AWS, or GCP hosting environments.
- Knowledge of variety of hardware, software, and cloud security controls (Firewalls, routers, switches, virtualization infrastructure, IDS/IPS, DDoS, WAF, proxy, CASB, advanced malware detection, EDR, SIEM, Threat Intelligence Platform, DLP, etc.)
- Strong writing, communication, and presentation skills.
- Ability to prioritize and execute tasks in a high-pressure environment.
- BS/BA degree in Computer Science/Engineering, Business, or a related field.
- Master’s or other advanced degree in the field of cybersecurity.
- Background in the Telecom/Cable industry.
- Experience in building defenses for custom or proprietary applications.
- Industry certification, such as an OSCP, CISSP, SANS, CISM, CRISC, CISA, CPA, or GIAC