
SANS ISC: InfoSec Jobs

Principal Cyber Security Engineer - Blue Team

Company: Coupang USA
Location: Mountain View
Preferred GIAC Certifications: GCIH
Travel: 10%
Salary: Not provided
URL: https://boards.greenhouse.io/coupang/jobs/1890704
Contact Name: Arun Chauhan
Contact Email: arunchauhan1971/at/gmail.com
Expires: 2020-02-06

Job Description

Key Responsibilities:
• Monitoring, identification and response to cyber security incidents
• Cyber security investigation at the network, endpoint and cloud
• Host-based and network packet capture/traffic analysis
• SIEM rule development and fine-tuning to detect security incidents and anomalies
• Conduct research and analysis on local and worldwide cyber threat streams against Coupang
• CSIRT Team and cyber investigations lead
Qualifications:
• Successfully respond to and investigate security incidents (live or postmortem) up to root cause level (either as lead or support role in the follow-the-sun delivery model)
• As an outcome of investigations, provide recommendations to build secure infrastructure to prevent future attacks with similar TTPs. This is done through a deep understanding of information security fundamentals including endpoint protection, network topology, segmentation, switching and routing, and web application security.
• Continuously assist the SOC in developing and fine-tuning rulesets to identify threats and incidents and minimize false positives.
• Successfully lead major investigations that require multiple team members
• Seasoned IR lead who is able to remotely manage a team of responders and investigators.
• Effectively manage the different business and IT stakeholders affected by a major incident
• Provide situational awareness on cyber threats, actors and TTPs relevant to Coupang and related industries in a local, regional and global coverage
• Provide effective leadership during IR and investigations
• Provide business risk assessments of cyber threats and technical vulnerabilities
• Develop technical and executive incident and investigation reports
• Delivery of Cyber Threat Intelligence (CTI) products
• Present situational awareness, findings and recommendations to management and executives
• Oversee and monitor routine security administration
• Manage and mentor a dedicated team of analysts and investigators
• Define access privileges, control structures and resources
• Research and recommend security controls
• Provide technical advice to colleagues across different business units
• Defend systems against unauthorized access, modification and/or destruction
• Identify abnormalities and report violations
• Respond immediately to security incidents and provide post-incident analysis
• Conduct data breach and security incident investigations
• Conduct APT and adversary hunts
• Liaise with other cyber threat analysis entities
• Design and conduct security audits to ensure operational security
• Perform network and host vulnerability assessment and risk analysis
• Experience with AWS cloud services