|Preferred GIAC Certifications||GCIH|
We are looking for a problem solver with a taste for complex challenges who can devise practical, innovative and effective solutions using the most appropriate languages, tools and hardware. You will assist in the effort of finding known and unknown threats and understanding new adversary TTPs (Tactics, Techniques and Procedures).
Your training and development budget will include at least one major off-site training course annually (SANS etc), at least one major security conference (Blackhat, Defcon, RSA etc) as well as local conferences and events. You'll be encouraged to keep your skills up to date with other events such as internal red/blue team events, hackathons, membership of various groups and societies. You'll be provided a budget to grow a reference library for yourself and your team, and a lab to run proof of concept projects in.
What you'll do
Support the SOC in understanding incidents targeting Workday.
Improve threat detection using network or system capabilities.
Drive security monitoring efforts
Perform gap analyses to identify where extra tooling and automation can extend the coverage of the SOC monitoring.
Build automation solutions around open-source and proprietary tools.
Evaluate new tools and techniques to create innovative and practical security solutions.
Help drive team development by mentoring new and existing staff.
Skills and Experience
5+ years of experience in a similar technical security role
BS Degree in Computer Science (or equivalent)
Mature approach to supporting a 24/7 SOC in a follow-the-sun model
Experience with cloud security concepts, solutions, and automation
Familiarity with mobile security challenges and solutions
IDS/IPS/HIDS systems, DLP systems, firewalls, SIEM systems, and vulnerability scanning tools
Demonstrated knowledge of Information Security attack methods and techniques
Python, Ruby and other scripting languages is essential, as is a strong understanding of Linux/OSX and Windows
Deep understanding of network and application security threats, attack techniques, and mitigation options and network related protocols (e.g. TCP/IP, IPSEC, routing protocols, etc.)
Solid knowledge of securing all major operating systems
Relevant Security, Systems, and Networking certifications a plus