Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contribute 1% of your purchase to remove CO2 from the atmosphere.
Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Role Overview
The successful candidate must be a strong leader in the Operational Technology (OT) security field with proven technical skills and experience researching, validating, and responding to advanced threat actors. In this role, the candidate will make primary use of all available data sources, security tools, and threat trends and, by combining security monitoring and analysis techniques, will identify attacks against the organizations.
Key Responsibilities
This role will function as an Operational Technology Incident Response Senior Advisor. You will receive investigations and respond to activity within the client’s environment detected by the customer’s Managed Security Services.
In this position you will own the investigation of high incidents, performing root cause investigations, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation.
Perform tuning on the alerts generated by OT Security controls
Focus on safety and reliability of operations
Act as a Subject Matter Expert (SME) for OT specific cyber-security incidents
Support the detection, response, mitigation, and reporting of cyber threats affecting client OT networks
Assist in improving OT security program processes, procedures, and training
Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in OT cyber security space
Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
Participate in the design and implementation of proactive OT security controls as needed
Incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitation of resolution, and event reporting
Utilize in-depth technical knowledge to design complex detection procedures for the detection of threat actor’s behavior
Work as an internal subject matter expert for other departments, including internal teams
Create and submit advanced recommendations (technical/process)
Requirements:
Essential Requirements
Typically requires 5+ years of related experience in a professional role with a Bachelor’s degree
Minimum 2 years supporting PLC, RTU, DCS, SIS, MES, Historians, HMI or SCADA systems for different vendors
Global Industrial Cybersecurity Professional (GICSP) or Global Response and Industrial Defense (GRID) certifications are preferred
Experience in leading and delivering end-to-end solutions, which could include strategy, design, development, testing and training, and implementation
Experience around the SIEM processes, monitoring & collecting, escalation strategies, data source normalization, event reduction, threshold tuning, alert triggers, threat intelligence, threat modeling, triage
Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, intrusion detection systems, system logs)
Knowledge requirements
Fundamental understanding of IT and OT network communication protocols (TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, HART, Foundation Fieldbus, PROFINET, etc.)
Deep understanding of the MITRE ICS Attack Framework
Deep understanding of the Purdue Model
Proficiency in conducting network traffic analysis and the detection of malicious code on the ICS environments
Familiarity with one of the major OT specific vendor technologies
Knowledge of tactics, techniques, and procedures associated with malicious activity
Able to correlate and aggregate information from all available data sources, security tools, and threat trends to identify attacks against the client network
Knowledge of forensic tools to identify anomalous and potentially malicious behavior
Able to perform network traffic analysis and design use cases based on the findings
Skills & Competencies
Ability to work with senior business leaders to understand business objectives, identify risk factors
Ability to research targeted OT specific threat groups and their tactics, techniques, and procedures (TTP)
Performing analysis of security and infrastructure logs
Researching targeted threat groups and their tactics, techniques, and procedures (TTP)
Programming with Python, C, C++, IA32/64 Assembly
Experience developing tools for malicious code analysis, network traffic analysis and the detection of malicious code on endpoint systems is a strong plus
Performing vulnerability and exploit research and analysis
Thorough knowledge of OT security components, principles, practices, and procedures
Working Schedule
Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.