The Cybersecurity Engineer III within the Monitoring and Response team contributes to a variety of global enterprise information security services in support of the Chief Security Officer. The Cybersecurity Engineer III will have demonstrated in past roles the ability to work effectively with limited supervision on security related tasks and projects, drive results, and build positive relationships with coworkers and customers (both internal and external), specifically in the areas of Security Information & Event Management, Data Analytics, creation of security relevant dashboards, reports, event correlation, etc. This individual will have a key role in leading one or more of the following enterprise security services:
- Cybersecurity Monitoring & Analysis
- Cybersecurity Incident Response
- Investigations & Data Forensics
- Vulnerability & Exposure Management
- Insider Threat & Threat Intelligence
- Cybersecurity Automation and Development

The incumbent will play a strong role in daily operations pertaining to the correlation, identification, and analysis of indicators of malicious or inappropriate activity. This individual should have a documented background in technical experience performing various technical hands-on and mentorship roles within the programs listed above. This role will require the individual to perform as an escalation path for events and incidents as required.
The Cybersecurity Engineer III will have a high level of collaboration with other Analysts and Engineers within our IT Operations, DevOps, and Governance organizations. The ideal candidate will have strong capability in complex problem solving, ability to challenge assumptions and consider alternative perspectives, think quickly and perform in high-stress situations, drive change across the enterprise, and operate well in a strong team environment.
Responsibilities:
- Performs analysis and response to tier I and II security relevant alerts and events; serves as an escalation point for security relevant alerts and events from Junior Analysts
- Collects, assesses, and reports upon relevant threat intelligence / actionable security information and appropriately modifies tactical operations accordingly
- Assesses network traffic patterns and session data for indicators of malicious activity; takes initiative to drive procedural or technical change within the enterprise environment
- Plays a lead role in prompt and effective response to information security incidents
- Identifies business risk and advises appropriate business contacts as required to treat such risk
- Supports the automation and improvement of the overall Information Security posture at Asurion
- Assists with executing remediation plans for any gaps reported in audits or recommended process improvements that affect core information security services
- Serves as a leader in the technical space who proactively seeks out new technical solutions, identifies gaps, understands risk-based prioritization within the greater Security & Risk function, etc.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining professional networks; participating in professional organizations
- Performs other related duties as assigned in support of other Security & Risk program efforts

Requirements:
- BA or BS in Computer Science, Management Information Systems, or related field desirable; practical experience plus education and certifications may be considered. MS in Computer Science, Information Systems, or a related field, desired.
- Ideally, 5+ years of progressive experience in computing and information security, including experience with Internet technology, security technology, issue resolution and leading teams in a cross functional, global setting.
- CISSP, GSEC, GCIA, GCIH, GCFA, or other security related certifications desired.
- Documented understanding of core network protocols (TCP/IP, ICMP, DHCP, DNS, etc.)
- Demonstrated competency in key security technologies: SIEM Tools (Splunk, ArcSight, LogLogic, Elastic, etc.), HIDS / HIPS (TippingPoint, SourceFire, Snort, CheckPoint IPS, NetWitness, MIR), DLP (Symantec, ForcePoint, etc.), HIDS / HIPS, AV & endpoint management, network anti-malware (FireEye, Palo Alto), Forensic tools (EnCase, FTK, etc.)
- Familiarity with common programming languages desirable (Python, Java, C#, PowerShell, etc.)
- Proven analytical and problem-solving skills are necessary.
- The ability to operate under ambiguous circumstances, address uncomfortable issues and leverage data to make informed decisions.
- Excellent communication (oral, written, presentation), interpersonal and consultative skills are required.

This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.
For two decades, Asurion has led the technology protection industry around the globe. The Company provides premier support solutions to enable optimum use of technology; digital applications to protect their privacy and provide security; and rapid replacement of lost, stolen, damaged or malfunctioning devices. Asurion partners with the leading wireless companies, retailers and service providers enabling them to focus on their businesses and to provide services that delight their customers. Asurion's 16,000+ employees worldwide specialize in fulfilling the needs of more than 280 million consumers.
We value open source technologies, solve challenging and unique problems, and innovate quickly. We embrace continuous delivery and Lean Startup principles. We encourage creativity from our architects and engineers every step of the way, working with various teams including product, user experience, call center operations, mobile and systems. Our teams are small enough to make fast decisions, yet our audience is large enough that our work makes a tremendous impact.