Cyber Defense Principal
Spartan Technologies, Inc.
- Atlanta, GA
We are searching for a Cyber Defense Principal, a thought leader within the Information Security community who will make significant contributions to the overall posture of the security program. This is a role that reports directly to the Senior Director of Cyber Defense.
This role requires a US Citizen for Green Card Holder. Will be remote to start but will eventually need to go into the office in Atlanta, GA on a Flexible schedule.
Sound like a great opportunity? It is! In this role, you will participate and contribute to the security community; participate with (and even lead) Red team exercises. You’ll threat model new products, projects, and technologies, as well as provide support during incident response activities. Though you’d have no direct reports, our Security Operations Center analysts would look to you as a mentor.
- Be actively involved in the security community and will present on relevant cyber topics.
- Responsible for threat modeling new products, projects and technologies being developed or implemented.
- Research, develop, and evaluate defensive tactics, techniques, and procedures (TTPs) for detecting and responding to modern cyber threats, leveraging the MITRE ATT&CK framework.
- Develop, implement and/or tune detections and content for security sensors, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and network Intrusion Prevention/Detection Systems (IPS/IDS).
- Perform offensive operations, with a focus on simulating adversaries. You’ll also Detection and Response processes.
- Work alongside SOC colleagues to develop requirements for new technologies and evaluate SOC tools.
- Help out with cyber security incident response teams response efforts as needed, including as an additional point of escalation.
- Take part and contribute to industry events where knowledge on the latest TTPs and corresponding detection techniques is shared.
- Have the opportunity to attend and present at conferences.
- Minimum 10+ years of relevant information security industry experience as part of an information security team.
- Advanced knowledge of threat landscape, malware, attack techniques, IOCs, TTPs, and CSF frameworks.
- Solid knowledge of tactical security models such as the Cyber Kill Chain, MITRE ATT&CK, and diamond model analysis.
- Hands-on Red team experience, and know how to perform a variety of penetration tests.
- Experience with building detections and content for security sensors, including Endpoint Detection and Response (EDR”), Security Information and Event Management (SIEM”), and network Intrusion Detection Systems (IDS”).
- Experience using Kibana or Elastic Search, as well as cloud security in environments such as Azure, AWS, or GCP hosting environments.
- Knowledge of variety of hardware, software, and cloud security controls (Firewalls, routers, switches, virtualization infrastructure, IDS/IPS, DDoS, WAF, proxy, CASB, advanced malware detection, EDR, SIEM, Threat Intelligence Platform, DLP, etc.)
- Strong writing, communication, and presentation skills.
- Ability to prioritize and execute tasks in a high-pressure environment.
- BS/BA degree in Computer Science/Engineering, Business, or a related field.
- Master’s or other advanced degree in the field of cybersecurity.
- Background in the Telecom/Cable industry.
- Experience in building defenses for custom or proprietary applications.
- Industry certification, such as an OSCP, CISSP, SANS, CISM, CRISC, CISA, CPA, or GIAC
Wednesday, September 15, 2021