We are seeking a Specialist, IT – Threat Lead with recent hands-on experience with Security Event Monitoring for our Sacramento, CA office. Relocation is provided.
Under general direction and following established policies, performs professional assignments requiring general use and application of concepts, practices and techniques within the Information Technology and Information Security field.
As the Threat Lead, you will be responsible for protecting Aerojet Rocketdyne enterprise assets by providing the following services:
- Security Event Monitoring
- Incident Management & Response
- Forensics & Malware Detection/Analysis/Prevention
- Fraud and Threat Intelligence
- Data Loss Prevention and Insider Threat Management
100% – Driving Identified Security Services
- Security Event Monitoring, Data Loss Prevention and Insider Threat Management
- Understanding of Security Incident and Event (SIEM) Monitoring and tuning (e.g., IBM QRadar)
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail
- Incident Management & Response
- Advise and consult management and internal customers on incident and vulnerability resolution
- Manage the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction
- Develop the processes necessary to support a Security Operations Center
- Forensics for internal and external systems
- Malware analysis to generate actionable items for prevention, tool updates, and ongoing refresh of internal systems
- Manage and respond to advanced attacks
- Analyze malware for signatures, hashes and other identifying characteristics
- Identify and classify malware types
- Draft brief technical reports on the malware samples analysis
- Centralized Fraud and Threat Intelligence capability
- Vulnerability Management
- Coordinate and conduct vulnerability assessment, detection and development of mitigation strategies
- Creation and integration of IDS rules
- Creation and integration of Yara signatures
- Working knowledge of Linux and Windows a must
- Bachelor’s degree in Computer Science, Management Information Systems, Engineering, Technical Engineering or an equivalent combination of education and experience.
- 3+ years of experience in Threat Management.
- 3+ years of experience with security products and technologies, security intelligence analysis, and investigations.
- 9 years of technical knowledge and experience.
- Strong process and procedure experience in Threat operations.
- Strong sense of ownership, urgency, and drive.
- Sharp analytical abilities and proven technical requirements skills.
- Effective interpersonal skills for team building and coordination with other groups in a matrixed organization.
- Must be able to travel one time per month on average.
- Strong prioritization, decision-making and organizational skills.
- Experience driving large, cross-organization initiatives.
- Skilled at explaining complex technical issues in terms understandable by the business.
- Experience leading geographically distributed teams is a plus.
- Working effectively in a collaborative team environment.
- Strong interpersonal and consultative skills.
- Excellent written and verbal communication skills, including executive communications.
- Ability to make concrete progress in the face of ambiguity and imperfect knowledge.
- Demonstrated ability to achieve stretch goals in a highly innovative and fast paced environment.
- Strong project management and organizational skills and ability to prioritize multiple projects and deliverables.
- NIST SP 800-53 / ISO 27000, 27001, 27002 / FedRAMP / COBIT
- CISSP, CISA, CISM, CEPT, GIAC, CRISC, CCIE (Security), or CCSP certifications a plus