Company | NetWitness |
---|---|
Location | Remote |
Preferred GIAC Certifications | GCIH, GCIA |
Travel | 20% |
Salary | Not provided |
URL | https://recruiting.ultipro.com/RSA1000RSAS/JobBoard/f68a6039-2280-43b7-bff8-e7bbca2bda92/Opportunity/OpportunityDetail?opportunityId=4c163181-994b-4c34-8b02-fd6d56c99d51&sourceId=0ba23a27-dd7c-45a2-81ab-29b7e5e3ba96 |
Contact Name | Matt Craddock |
Contact Email | matt.craddock/at/netwitness.com |
Expires | 2022-06-14 |
Job Description
NetWitness CyberDefense Consultant
As one of the most established cybersecurity companies in the world, we at
NetWitness are hard at work every day helping our customers and partners
better protect their organizations from cyberattacks. Our products and services are used within most large enterprises, governments and
militaries for incident response and threat hunting. Our Sales Professionals,
Sales Engineers and Professional Services Consultants design and deliver
solutions for potential and existing customers to enable better visibility, insight
and action to prevent and defend against attacks. NetWitness uniquely provides
a single platform with a unified view across all attack surfaces, including
Network, Logs/SIEM, Endpoint and IoT, combined with our AI-based User and
Entity Behavioral Analysis (UEBA) and Security Orchestration, Automation &
Response (SOAR) capabilities.
Principal Accountabilities:
Work with customers to better enable their ability to detect threats and respond.
Provide input on cybersecurity best practices around assessment and response procedures
Develop detection content and use cases within the NetWitness product
Assess customer gaps in visibility and provide next-step recommendations
Help customers increase visibility and detection capability, working in synergy with incident response team members and providing expert advice about how to investigate potential attacks
Support pre- and post-sale opportunities to help demonstrate advanced usage of the NetWitness product suite, while also providing an opportunity for knowledge transfer and enablement of clients and internal RSA staff
Perform research and develop techniques to identify and mitigate threats, staying abreast of all emerging threats and developing creative solutions to solve customer issues
Travel up to 20%, although primarily remote
Skills:
Excellent written/verbal communication and interpersonal skills
An understanding and application of the MITRE ATT&CK framework
Expertise in at least one of the following domains: Network Forensics, Host-Based Forensics, Log Analysis
Basic threat intel analysis
UNIX/Linux expertise, specifically CentOS