- Lead content and process development for existing and new cyber defense tools; Lead creation and validation of signatures or Indicators of Compromise (IOCs) in response to new or observed threats.
- Lead cross-functional teams to resolve computer security incidents, to improve the security posture of McAfee’s infrastructure and vulnerability compliance.
- Perform event correlation using information gathered from a variety of sources to gain situational awareness to detect, confirm, contain, remediate, and recover from attacks.
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information; Perform root cause analysis to determine tactics, techniques, and procedures (TTPs) for intrusions.
- Notify Security Operations managers and cyber incident responders of suspected cyber incidents in accordance with the cyber incident response plan and procedures.
- Exercise a user-oriented approach while handling security incidents to ensure that user impact is minimized as much as possible and the situation is clearly communicated to users.
- Document ongoing incidents, write after-action reports, and escalate incidents.
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Monitor external data sources to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.
- Support Incident Response efforts - evidence collection, documentation, communications, and reporting.
- Responsible for the enforcement of corporate information security policies to protect McAfee's information assets and intellectual property.
- Lead or contribute to security risk assessments that determine threats, consequences, and vulnerabilities to key assets, products, and services.
- Recommend and drive additional security controls to meet current and future needs.
- 5+ years of experience in a Security Operations environment
- Exercising solid critical thinking and analytical skills
- Leading efforts during one or more phases of the Incident Response lifecycle
- Application of cybersecurity principles and risk management basics to mitigate risk
- Leading and collaborating with multiple teams to drive improvements and resolutions
- Cloud security monitoring – detection and response (AWS, GCP, and Azure)
- Mentoring junior analysts and improving security technologies & processes
- You have taken initiatives to drive improvements for security technologies and processes
- Outstanding knowledge of the Security Operation Center (SOC) & the Information Security Common Body of Knowledge and best practices
- Excellent knowledge of process automation and use of SIEM & SOAR tools
- Ability to improvise as newer threats emerge and to guide the team on threat hunting
- Preferred certifications: GCIH, GCFA, CEH, Network+, Security+, cloud service provider certifications or equivalent industry standard certifications
- Familiarity with Rapid7 suite of tools
- Familiarity with Crowdstrike suite of tools
- Familiarity with SumoLogic, Splunk or other log aggregation tools
- Familiarity with Microsoft Active Directory
April 15, 2022