Job title: Cloud Security Engineer (CJIS Security clearance is a must)
Location: Redmond, WA (Hybrid Onsite)
Job Type: Full time Only
Job description:
Senior Security Threat Hunter works closely with other cloud and security professionals to investigate threats, proactively hunt for compromise, automate capabilities, develop security tooling and data automation, and contribute your experience and expertise to countless other projects. You will be working to solve issues related to the latest security trends and early warning indicators, as well as help design solutions for emerging threats.
Responsibilities
- Plan and execute proactive adversary hunt for malicious activity, fraud, and abuse using myriad log sources, network- and host-based tools, and threat intelligence to identify the threat actors and their tools and techniques
- Participate in and contribute to cyber threat intelligence sharing forums and platforms; organize and curate threat intelligence; form a macroscopic perspective on adversaries, actors, and campaigns.
- Perform investigations on suspected compromised assets and cloud services, analyze log data and other artifacts to determine what occurred, and communicate the outcome of that investigation in written and verbal form.
- Seek out fraud and abuse occurring on the service, and innovate data analysis and response tooling at scale to protect customers.
- Collect, curate, and transform various data to support advanced analytic creation and investigation automation.
- Design, develop, debug, and deliver tooling (and associated documentation) to assist the investigative and hunting process.
- Work with other internal and external teams to forge new and improve existing partnerships that help mature the teams' techniques, tactics, and procedures (TTPs).
- Experience in SDLC, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response
- Working with large data sets to answer complex and ambiguous questions, using tools and languages like: SQL, KQL, Azure Data Explorer, Azure Data Lake, Azure Machine Learning (AML), Jupyter Notebooks, Spark, Azure Synapse, R, U-SQL, Python, ELK stack, or Splunk.
Preferred Qualifications
- Understanding of adversary and cyber intel frameworks such as the kill-chain model, the ATT&CK framework, and the Diamond Model.
- Ability to rapidly automate data handling and data curation using PowerShell, Python, Azure Data Factory, and various Azure-based tools.
- Ability to work effectively in ambiguous situations and respond favorably to change.
- Demonstrated ability to understand and communicate technical details with varying levels of management.
- Certifications like GCIA, GSLC, GCIH, CISM, CISSP, CEH, etc. are a plus.
Other Requirements: Candidates must be able to meet the customer and/or government security screening requirements that are required for this role. These requirements include but are not limited to the following specialized security screenings: CJIS and DOD/IT2.
- Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport.
- The successful candidate must have an active U.S. Government CJIS Security clearance.
Thanks & Regards
Vandana Vishwakarma - IT Recruiter
Email ID: vandana@tekishub.com | Phone: (+1)302-216-3886 - Ext 511