|Preferred GIAC Certifications||504|
We are looking for a problem solver with a taste for complex challenges who can devise practical, innovative and effective solutions using the most appropriate languages, tools and hardware. You will assist in the effort of finding known and unknown threats and understanding new adversary TTPs (Tactics, Techniques and Procedures). This is a technical role with the understanding that you are already conversant in security automation, system security, network security, compliance, and incident response.
Your training and development budget will include at least one major off-site training course annually (SANS etc.), at least one major security conference (Blackhat, Defcon, RSA etc.) as well as local conferences and events. You'll be encouraged to keep your skills up to date with other events such as internal red/blue team events, hackathons, membership of various groups and societies. You'll be provided a budget to grow a reference library for yourself and your team, and a lab to run proof of concept projects in.
What you’ll do:
Support the SOC in understanding incidents targeting Workday
Improve threat detection using network or system capabilities
Drive security monitoring efforts
Build automation solutions around open-source and proprietary tools
Gather requirements and develop solutions from the SOC and wider security team
Evaluate new tools and techniques to create innovative and practical security solutions
Help drive team development by mentoring new and existing staff.
Skills and Experience:
5+ years of experience in a similar technical security role
BSc Degree in Computer Science (or equivalent)
Mature approach to supporting a 24/7 SOC in a follow-the-sun model
Experience with cloud security concepts, solutions and automation
IDS/IPS/HIDS systems, SIEM systems and vulnerability scanning tools
Python, Ruby and other scripting languages is essential, as is a strong understanding of Linux/OSX and Windows
Deep understanding of network and application security threats, attack techniques and mitigation options and network related protocols (e.g. TCP/IP, IPSEC, routing protocols, etc.)
Relevant Security, Systems, and Networking certifications a plus.