Apply on Employer Site

Relativity · 2 weeks ago

Lead Security Engineer - Cyber Security

United States

Full-time

Remote

Senior Level, Lead/Staff

$150K/yr - $226K/yr

5+ years exp

Relativity is a company focused on providing innovative solutions in the field of cybersecurity. As a Lead Cyber Security Engineer, you will ensure the security of the company's network and infrastructure while investigating and analyzing emerging threats and providing remediation guidance to users.

ComputerEdiscoveryEnterprise SoftwareInformation TechnologyLegalLegal TechSoftware

H1B Sponsor Likely

Responsibilities

Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources

Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations

Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types

Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions

Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards

Automate incident handling processes

Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment

Serve as a subject matter expert in the mechanism and analysis of observed malicious activity

Clearly document and communicate investigation findings to both technical and executive stakeholders

Identify and automate away technical burden

Build automation to deploy, operate and connect multiple cyber security tools and applications

Qualification

Threat detectionIncident responseSecurity operationsPowerShellPythonC#DevSecOpsNetwork forensicsTCP/IPCloud securityAnalytical skillsAutomationProblem-solving skillsCollaboration

Required

5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team

Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis)

Ability to read, write and analyze PowerShell, C#, and Python

Capability to independently manage the prioritization of complex security events

Advanced understanding of common SOC/CIRT operational processes and documentation

Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks

Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture

Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls

Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data

Strong analytical and problem-solving skills

Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks

Preferred

7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks

Exposure to threat detection development and tuning

Experience in software design and development

DevSecOps experience

Ability to perform threat hunting, threat emulation, and/or purple teaming exercises

Familiarity with industry standard security devices and their configuration

Experience in reverse engineering malicious code to explore infection and propagation mechanisms

Experience with threat intelligence tools and processes

Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH)