guidepoint security

Receive alerts when this company posts new jobs.

Similar Jobs

Job Details

vSOC Cyber Threat Hunter

at guidepoint security

Posted: 2/19/2019
Job Reference #: oHYF6fwa
Categories: Other/General
Keywords:

Job Description

Description

GuidePoint’s vSOC features a dedicated Threat Hunting team designed to proactively detect advanced threats that evade traditional security solutions. Threat hunting includes using both manual and machine-assisted capabilities, and aims to find the Tactics, Techniques and Procedures (TTPs) of advanced adversaries. The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.

The Threat Hunter will be a key member of the GuidePoint vSOC team responsible for participating in threat actor based investigations, creating new detection methodology and providing expert support to incident response and monitoring functions. The focus of the Threat Hunter is to detect, disrupt and the eradication of threat actors from enterprise networks. To execute this mission, the Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies.

While a local candidate to either the Herndon, VA or St. Petersburg, FL office is preferred; this position is remote/virtual working from a home office. The most qualified candidate, regardless of location, will be selected to support all of the remote and on-premise vSOC analysts.

Role and Responsibilities:

  • Hunt for and identify threat actor groups and their techniques, tools and processes
  • Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on customer’s networks.
  • Provide expert analytic investigative support of large scale and complex security incidents.
  • Perform analysis of security incidents for further enhancement of alert catalog
  • Continuously improve processes for use across multiple detection sets for more efficient operations
  • Document best practices using available collaboration tools and workspaces.
  • Review alerts generated by detection infrastructure for false positives and modify alerts as needed
  • Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
  • A passion for research, and uncovering the unknown about internet threats and threat actors
  • Provide Tier 2 & Tier 3 support to vSOC analysts as needed
  • Validate suspicious events and incidents by using open-source and proprietary intelligence sources
  • Document and manage incident cases in our case management system
  • Report incidents to the customer using a ticketing system
  • Interface with customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring
  • Keep up-to-date with information security news, techniques, and trends
  • Become an expert in the Splunk platform
  • Become proficient with ServiceNow
  • Become proficient with third-party threat intelligence tools as required

Position Requirements:

  • Advanced Experience in Information Security (Required)
  • Cyber Threat Hunting Experience (Required)
  • Strong communication skills written and oral (Required)
  • Experience with Splunk (Required)
  • Experience with Incident Management (Required)
  • Experience with cyber threat intelligence (Required)
  • Experience with software vulnerabilities & exploitation (Required)
  • Experience with data analysis (Required)
  • Experience with malware analysis (Desired)
  • Experience with APT/crimeware ecosystems (Desired)
  • Experience with exploit kits (Desired)
  • Experience writing and communicating with customers (Desired)
  • Degree in Information Security or Information Technology (Desired)


Why GuidePoint?

GuidePoint Security is one of the fastest growing companies in the U.S. and a leader in cybersecurity. Since its inception in 2011, GuidePoint has grown to nearly 350 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 1,000 clients. Our core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. Our generous benefits plan includes 100% employer paid medical and dental with generous employer family contributions and eligibility for retirement plan benefits after six months. Within GuidePoint, our next generation Managed Security Services (MSSP) business is growing very rapidly. If you have the passion, work ethic, winning attitude and competitive mindset and be at the forefront the best MSSP in the U.S., we want you on our team.


Equal Opportunity Employer

GuidePoint Security, LLC is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.