Work with McAfee

Work with McAfee.

Amazing works here and we want more of it.

Join Our Talent Network

Foundstone Threat Researcher

Apply Now    
Location:
Atlanta, GA US
Other Location(s):
Job Id:
JR0007507
Job Category:
Sales
Job Description

The role:

Senior Security Operations Center (SOC) Analyst / Threat Detection Analyst

Work Location:

Atlanta, Georgia

Business Introduction:

With the mission of capturing the biggest market share in the area of cyber security, network security, endpoint security, threat research, malware research, cloud security, we work together for a common goal of shaping the company’s future by designing and building the best in class robust and scalable security products for consumer and enterprise customers. As industry top performers, we aim to develop optimized high performance system software solutions with high availability and reliability.

This is where you come in. We are looking for a new team member who defined by his/her unique and innovative skills, style or point of view. You can be an architect, scientist, threat researcher, or a coder as long as you design things that matters.

Role Summary:

The Senior Security Operations Center (SOC) Analyst position performs in a Senior Level Threat Hunter/Researcher role from an automation perspective.  The Analyst will serve in lead role and use advanced network and host based tools that will proactively search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions.  This role will also be the technical and strategic lead for elevated threat management and security solutions identified by or reported to the SOC. Will be responsible for developing and assisting in the development and advancement of automation and integration technologies. Candidate should be capable of clear communications to varying audiences across the organization, in addition to seeking and building consensus where needed to achieve a strengthened security posture

As a SOC Analyst a typical day might include following:

  • Proactively hunt for and research potential malicious activity and incidents across multiple platforms using advanced threat network and host-based tools
  • Use both internal and external threat intelligence to build indicators of compromise into monitoring tools, be able to integrate these tools with one another to provide data enrichment
  • Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose potential threats and anomalous network behavior
  • Ability to automate networking tasks and analysis tasks
  • Be able to effectively document code and automation efforts effectively in an understandable manner for a non-programmer
  • Report common and repeated problems (trend analysis) to management and propose process and technical improvements
  • Provide resolution plans for system and network issues
  • Provide support in the detection, response, mitigation and reporting of real or potential cyber threats to the environment and be able to assist in the automation of these processes
  • Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response and mitigation strategies used in cybersecurity operations
  • Provide written and verbal reports and updates to customers/business units
  • Leadership role in providing ongoing knowledge transfer to junior analysts
  • Develop and maintain up to date Run-Books and/or Standard Operation Procedures to maintain relevancy, address current/emerging threats and technology, and ensure constant improvement that meet industry standards and emerging attacks and threats
  • Lead and/or support major projects, including new initiatives, capacity, life-cycle management, upgrades, new products and/or features, and integration
  • Develop process and architecture diagrams 
  • Resolve complex networking and other technology issues with multiple parties involved

You have:

  • Over five (5+) years of experience as a Level 2 (or above) SOC Analyst performing incident handling, sensor alert tracking, and/or cybersecurity case management
  • Experience programming in at least one of the following: Python, Powershell, Bash, Shell Script, Batch, VBscript (Python experience preferable)
  • Understanding of the following: cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security and log collection and analysis
  • Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)
  • Experience and keen understanding of cybersecurity tools, including McAfee SIEM, ePO, Network Traffic Analysis, DLP, Malware analysis, Raw Packet Captures, StealthWatch, database technologies, web applications technologies, firewall technologies, etc.
  • Experience with cybersecurity forensics tools and methodologies
  • Extensive experience with network ports and protocols
  • CSIS, CEH, CSTA, CSTP, GCFE, CISSP, GCIH, GCIA, or GPEN preferred
  • Well known protocols and services (FTP, HTTP, SSH, SMB,DAP) preferred
  • Leading and directing security incident response
  • Involvement in threat intelligence and cybersecurity communities

Additional Skills:

  • Strong leadership skills and ability to manage teams and shifts of analysts effectively
  • Experience with providing formal and informal training/instruction and ability to communicate technical details effectively to junior IT personnel and management
  • Willingness to work a 24x7 shift schedule that may include 2nd or 3rd shifts and weekends
  • Able to multitask and give equal and/or required attention to a variety of functions while under pressure
  • Ability to work independently and take ownership of projects and initiatives
  • Excellent written and verbal communication skills required. Must be able to communicate technical details clearly
  • Experience in developing and maintaining Run-Books and/or Standard Operation Procedures in a SOC environment
  • Strong troubleshooting, reasoning and analytical problem solving skills
  • Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management
  • Team player with ability to work autonomously


Qualifications

Amazing organizations don't just happen. Vision, strategy and innovation come to life through exquisite execution. Help create the future of McAfee, where our diverse talent and culture provide the competitive advantage to help McAfee win big!

Apply Now    
Back to top