Cyber Threat Investigator (relocation to Australia)
CyberCX
United States
About the company
CyberCX is joining forces with one of the most exciting cyber security companies from the United States to deliver projects for the Australian market.
You will be trained to deliver a patented, groundbreaking new approach to cybersecurity that identifies, stops, and prevents threats others miss. This innovative technology outperforms the components of every other network security solution and is solving the biggest challenges for customers today with better security, virtual vulnerability mitigation, reduced alert fatigue and fewer false positives.
About the role
Are you tired of looking at an endless queue of Splunk alerts? As a detection engineer, you will have the power to stop and modify threats instead of watching them pass by. With the power to change digital reality at your fingertips, you will deconstruct modern-day adversarial threats and thwart them. You will work with detection engineers and alongside skilled threat intelligence, triage, and discovery teams to enact real actions.
Due to the nature of the work, applicants must be citizens of the United States. Australian government security clearances are desirable, but not required.
Relocation to Canberra, Australia is mandatory for this position. Remote working arrangements cannot be considered. We will assist with relocation to Australia and support the visa application process.
Duties
- Responsible for the development and design of signals which can automatically highlight active threats.
- Analyze malware, attacks, and threat intel for patterns and develop automated solutions for analysis, classification, and categorization of data for further automation.
- Conduct threat-hunting operations in complicated SaaS environments and drive product innovation in threat detection.
- Work with global cyber intelligence collectors to identify, contextualize, and instrument current and emerging cyber threats.
- Identify gaps in controls, processes, systems and recommend solutions.
- Actively participate in the cyber security community, establishing relationships and knowledge sharing.
- Contribute to the detection and alerting pipeline so that our Threat Hunting team can quickly identify and remediate potential security threats.
- Develop security-focused tools and services in support of intelligence, detection, and response.
- Develop regular expressions to detect threats.
- Create YARA rules to hunt for malware.
Skills & experience
- Knowledge of operating systems and network protocols.
- Experience writing regular expressions.
- An advanced understanding of network detection technologies (IPS/IDS/NGFW).
- Strong understanding of the tools, tactics and procedures (TTPs) of threat actors.
- Experience in incident analysis and response using industry-standard frameworks such as MITRE ATT&CK and the cyber kill chain.
- Experience with security information and event management tools, such as Splunk and Elasticsearch.
- Experience with malware analysis, both dynamic and static.
- Must be able to validate findings, perform root cause analysis, and deliver recommendations for fixes.
- Strong scripting and automation skills are a must (Python preferred).
- Strong understanding of web protocols and web application security.
- Experience writing IDS/IPS and YARA signatures.
Preferred:
- TTP-based threat hunting.
- In-depth log analysis and malware tracking and monitoring.
- Data mining experience with large security data sets such as IDS, IPS and firewall logs.
- Strong development background with experience in Python and familiarity with SQL.
Benefits
- Flexible hybrid working environment (a blend of office and WFH).
- Corporate discounts on a huge variety of retail stores through our partners.
- Ability to deepen your experience and skills in line with CyberCX's specialisation as Australia's leading cyber security provider.
- Opportunities to engage directly with and support senior leadership on significant work and contribute to thought leadership.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
IT Services and IT Consulting, and Computer and Network Security