Posted:
7/28/2024, 5:00:00 PM
Location(s):
California, United States
Experience Level(s):
Expert or higher ⋅ Senior
Field(s):
IT & Security ⋅ Software Engineering
10 or more years of progressing/in-depth IT security experience. Practical experience in a senior role within the last five years and demonstrated ability to carry out the job functions effectively.
Proven experience and knowledge of Enterprise Security Operations, Data Engineering and Detection Engineering.
Knowledge on log parsers, Endpoint Detection and Response software (SentinelOne, Crowdstrike, Microsoft Defender etc.)
Advanced knowledge of at least one leading SIEM platform (Splunk, Chronicle etc.) and SOAR platforms such as XSOAR, Siemplify, FortiSOAR etc.
Familiarity with attack patterns, tactics, techniques, and procedures (TTPs) used by cyber adversaries.
Experience with cloud security and understanding of cloud-based threat detection strategies.
Basic scripting or development experience in one of the following languages: Python, PowerShell, bash, etc
Experience managing lifecycle of security log sources, including onboarding, modifying, creating log parsers and decommissioning of log sources.
Experience with developing detections in Sigma, YARA, YARA-L, KQL, SPL.
Exceptional written and verbal communication skills.
Position Overview
You will play a critical role in our cyber security function to ensure enterprise and client data is secure. You will help:
Own and Manage lifecycle of security log sources, including onboarding, modifying, creating log parsers and decommissioning of log sources.
Work independently, with limited direction from the senior leaders, to perform regular tasks and resolve escalated incidents/requests in a timely manner.
Apply advanced expertise to quality control the internal team’s and vendors’ processes, making recommendations to Director of Cybersecurity for operational plans and strategies to directly impact the achievement of overall functional results
Collaborate with internal security analysts, threat hunt, and threat intelligence teams along with MSSP’s to understand emerging threats and devise effective detection strategies.
Perform continuous monitoring and analysis of the threat landscape to update and refine detection mechanisms.
Work closely with the incident response team to provide actionable intelligence and improve response capabilities.
Validate and tune detection content to minimize false positives and ensure high accuracy and efficiency.
Contribute to the development and maintenance of the organization's security detection repository within the SIEM, ensuring it remains up to date with the latest threats and attack techniques.
Proactively identify, investigate, analyze issues and errors prior to or when they occur and log all such incidents in a timely manner. Capture all required and relevant information for immediate resolution.
Share such knowledge, to resolve issues, document them, and push the knowledge down to other engineers.
Recommend and drive the best practices and improve processes.
Act as emergency support contact as needed, for business-impacting issues.
Basic Qualifications
Bachelor’s degree in cybersecurity, related field, or equivalent work experience
Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job.
Solid grasp and experience applying common frameworks used to describe cyber threat actors, actions, and capabilities (Diamond, Veris, MITRE ATT&CK, etc.) and share threat intelligence (STIX/TAXII)
In-depth knowledge in the following fields is required: cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data; common information technology (IT) security controls (e.g.: firewalls, demilitarized zones, encryption); new and emerging information technology (IT) and cybersecurity technologies and risks; information technology (IT) supply chain and vulnerability risk best practices
Advanced planning/ organizational, problem-solving, analytical, consulting, time management and decision-making skills required
Must be detail oriented and able to maintain a high degree of accuracy
Ability to maintain confidentiality crucial
Demonstrated expert knowledge of the MITRE ATTACK framework.
About Us:
Citrix and TIBCO recently merged to create Cloud Software Group, now one of the world’s largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done — from anywhere. Members of our team will tell you that we value diverse lived experiences, passion for technology, and the courage to take risks. Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.
Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications.
If you need a reasonable accommodation due to a disability during any part of the application process, please contact us at (800) 424-8749 or email us at [email protected] for assistance.
Website: https://cloud.com/
Headquarter Location: San Francisco, California, United States
Employee Count: 101-250
Year Founded: 2013
IPO Status: Private
Last Funding Type: Series A
Industries: Corporate Training ⋅ DevOps ⋅ EdTech ⋅ Education ⋅ Enterprise Software ⋅ Information Technology ⋅ Internet ⋅ SaaS ⋅ Trading Platform