Systems Engineer – Threat Detection and Response

POSITION PURPOSE
The TDR (Threat Detection & Response) Analyst will report to the TDR Manager. He/she will work collaboratively to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. The TDR Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. The TDR Analyst should have familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, and have a working knowledge of defense in depth strategies. The TDR Analyst must be competent to work at a technical level, be capable of identifying threats and vectors that cause security events and be able to follow defined procedures for mitigating said threats.

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES
30% Delivery & Execution – Performs configuration, debugging, and support for information technology solutions; Performs field and corporate roll-outs of technology; Stands up the necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs; Executes basic project planning and reporting; Performs test suites (functional, destructive, etc.) to enable successful rapid deployment of infrastructure as code to production

10% Learning – Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impact tools, training, and support necessary to keep systems up, running, and secure; Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice); Proactively views articles, tutorials, and videos to learn about new technologies and best practices being used within other technology organizations

10% Planning & Analysis – Uses critical thinking to approach problems and create solutions; Collaborates with senior leaders on assignments; Determines opportunities for improvement based on volume of tickets and contributes stories for the remediation

50% Support & Enablement – Collaborates with product and project teams to understand needs and enable them with infrastructure; Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate; Performs root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions; Maintains, upgrades, and supports existing systems and infrastructure to ensure operational stability; Opens and manages vendor problem tickets to resolution; Produces in-house documentation around solutions; Monitors tools and proactively helps teams struggling with systems issues and informs senior engineers of negative trends; Provides application support for software running in production; Supports the creation of scripts and tools that drive automation and enable product teams and end users to move towards self-service

NATURE AND SCOPE
This position typically reports to Systems Engineer Manager or Sr Manager
This position has 0 Direct Reports

Environment:
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Travel:
No travel required

MINIMUM QUALIFICATIONS
Must be eighteen years of age or older.
Must be legally permitted to work in the United States.

Education Required:
The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED

Years of Relevant Work Experience: 0-2 years

Physical Requirements:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

Preferred Qualifications:

  • Respond to network and host-based security events. Analyze common application protocols to detect anomalous activity and reconstruct malicious activity
  • Analyze various operating system logs to detect anomalous activity and reconstruct malicious activity
  • Investigate and correlate IOCs, and present findings to senior analysts to determine impact
  • Participate in detecting, investigating, and resolving security events
  • Capable of working independently while supporting the TDR as necessary
  • Identify and propose areas for improvement within the Threat Detection & Response Center
  • Provide documentation and project support
  • Act as a peer group leader to help train support staff
  • Serve as an escalation point for difficult problems and complex inquiries
  • Support shift lead when necessary

Skills and Attributes for Success:

  • Information Security Principles, Technologies, and Practices
  • Proven experience with multiple security event detection platforms
  • Thorough understanding of TCP/IP
  • Thorough understanding of application protocols
  • Ability to code in one or more major programming or scripting languages
  • Ability to multi-task and prioritize work effectively; self-starter with attention to detail
  • Demonstrated integrity in a professional environment
  • Good social, communication and technical writing skills
  • Comfortable navigating and troubleshooting Linux and Windows system issues

Additional Qualifications:

  • GSEC
  • Linux+
  • Security+

Company Information
  • Location United States
  • Full Address 2455 Paces Ferry Road Northwest Atlanta, GA 30339 United States