Cyber Threat Engineer - Global Threat Operations
London, UK
Job Description
A Cyber Threat Engineer is a member of the Threat Detection and Response (TDR) team within Trustwave Managed Security Services (MSS). This team acts specifically as the monitoring and response extension of the Digital Forensics and Incident Response Services (DFIR) team, providing 24/7 monitoring. In addition to possessing technical knowledge, a Threat Engineer interacts extensively with customers and partners using polite, professional etiquette and serves as a technical point of escalation within TDR.
Cyber Threat Engineers perform the following duties:
- Analyze escalated, complex cases involving a pattern of security events from endpoint detection and response technologies.
- Resolve intractable technical problems within managed security solutions as part of a sustained improvement project.
- Create, improve, and document processes for the management and monitoring of security solutions.
- Tune devices for blocking and reporting based on customer business need.
- Baseline threat detection devices for complex and potentially breached customer environments.
- Test and improve endpoint detection, protection, and response policies.
- Take responsibility for customer satisfaction and overall success of managed services.
- Respond in a timely manner to questions and concerns from the DFIR and client security teams concerning incident investigation and response.
- Adhere to policies, procedures, and security best practices.
- Resolve problems independently and understand appropriate documentation and escalation procedures.
- Perform rotating on-call duties (nights/weekend rotations).
- Act as a mentor and escalation point for analysts within the Threat Detection and Response team.
Skills & Knowledge Requirements:
Must have intermediate skills/knowledge in some of the following:
- Cyber investigation and incident handling best practices
- Endpoint Detection and Response
- Unix/Linux and Windows system administration
- Threat Hunting and Investigation
- Web Services Administration
- Log collection and analysis tools
Desired experience:
- Advanced Palo Alto Cortex XDR
- Intrusion analysis experience
- Incident handling and documentation
- Excellent analytical thinking and problem-solving skills
- Strong oral and written communication skills
- Self-managed and team-oriented
- Deadline- and detail-oriented
- Highly motivated
Required:
- English: Demonstrated Fluency
Preferred:
- Intermediate to advanced experience in Information Security related areas
- Industry, vendor, or professional security certification: GCIA, GCIH, Security+, OSCP, or CEH preferred.
- Vendor-specific incident handling and investigation certifications:
  - Palo Alto Networks Systems Engineer: Cortex Associate
  - Palo Alto Networks Systems Engineer: Cortex Professional
  - Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA)
Education:
- A high school diploma or equivalent is required; a college or university degree is a plus.
This is a remote opportunity open to anyone legally authorized to work in the UK.
Guided by our flexible workplace philosophy, Moments That Matter, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.
Trustwave is an Equal Opportunity Employer committed to providing a working environment that embraces and values diversity and inclusion. Interested in joining our team? Apply online now. We look forward to talking to you.