Location: Addison, TX, United States
Date Posted: Jun 21, 2021
Securonix provides the Next Generation Security Information and Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of the largest organizations globally to detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privileged account misuse and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.
Roles and Responsibilities:
- Ability to quickly acquire and utilize knowledge on new technologies and solutions, emerging threats and vulnerabilities
- Hands-on experience (L2/L3 level) in support, implementation, configuration and management of EDR/AV solutions (EDR/AV solutions like CrowdStrike, Symantec, Trend Micro & McAfee)
- Administer Endpoint Security systems to ensure maximum uptime
- Monitor, respond to and analyze trends in Workstation/Servers for security-related events
- Good understanding of Security Operational Procedures and Vulnerability Assessment
- Remain current with new security vulnerabilities and key technologies and recommend changes or actions to management as appropriate
- Be able to illustrate and explain use cases for implementation of EDR projects, watchlists, reporting, and correlations of data from multiple data sources
- Good understanding of malware operations, indicators of threat, and the current threat landscape
- Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, Windows Event Logs along with MacOS
- Resolve issues with NGAV and EDR, with a good understanding of the threat life cycle and the MITRE ATT&CK framework
- Knowledge of multiple operating systems and applicable system administration skills (Windows, Solaris, Linux)
- Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, LDAP and others
- Proficiency in scripting languages like Python, PowerShell, etc.
- Ensure quality work, i.e., review and validate the technical configuration changes and provide consultative ideas
- Good presentation skills to communicate status and recommendations in clear, concise language for technical and non-technical audiences
- Experience with any of the well-known EDR/AV solutions such as CrowdStrike, Symantec, Trend Micro & McAfee
- Experience with threat hunting
- Certifications such as OSCP, CEH, CISA, GSEC or equivalent
- 2+ years of experience with penetration testing / red teaming / running attack tools / incident response / forensic analysis
- Ideal candidates should demonstrate skills around det