McAfee ACTS Threat Researcher/SOC-IR

Primary Location New York City, New York Date posted 02/07/2020
Job ID: JR0017759

Job Title:

McAfee ACTS Threat Researcher/SOC-IR


US, New York, New York City

Role Overview:

The Senior Security Operations Center (SOC)/IR Analyst position performs in a senior-level Researcher/IR role from an automation perspective. The Analyst will use advanced network and host-based tools to proactively search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions. This role could roll into a technical lead role for elevated threat management and for security solutions identified by or reported to the SOC/IR. The Analyst will be responsible for developing, and assisting in the development and advancement of, automation and integration technologies. The candidate should be capable of clear communication with varying audiences across the organization, in addition to seeking and building consensus where needed to achieve a strengthened security posture.

Company Overview

From device to cloud, McAfee provides market-leading cybersecurity solutions for both businesses and consumers. McAfee helps businesses orchestrate cyber environments that are truly integrated, where protection, detection, and correction of security threats happen simultaneously and collaboratively. For consumers, McAfee secures your devices against viruses, malware, and other threats at home and away. With the mission of capturing the biggest market share in the areas of cyber security, network security, endpoint security, threat research, malware research, and cloud security, we work together toward the common goal of shaping the company’s future by designing and building best-in-class cyber security solutions.

About the Role:

• Proactively hunt for and research potential malicious activity and incidents across multiple platforms using advanced network, host-based, and open-source threat tools
• Use both internal and external threat intelligence to build indicators of compromise into monitoring tools, and integrate these tools with one another to provide data enrichment
• Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose potential threats and anomalous network behavior
• Automate networking tasks and analysis tasks
• Document code and automation efforts effectively, in a manner understandable to a non-programmer
• Report common and repeated problems (trend analysis) to management and propose/drive process and technical improvements
• Provide resolution plans for system and network issues
• Provide support in the detection, response, mitigation, and reporting of real or potential cyber threats to the environment, and assist in the automation of these processes
• Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, and the response and mitigation strategies used in cybersecurity operations
• Provide written and verbal reports and updates to customers/business units
• Take a leadership role in providing ongoing knowledge transfer to junior analysts
• Develop and maintain up-to-date Run-Books and/or Standard Operating Procedures to maintain relevancy, address current/emerging threats and technology, and ensure constant improvement that meets industry standards and keeps pace with emerging attacks and threats
• Lead and/or support major projects, including new initiatives, capacity, life-cycle management, new products and/or features, and integration
• Develop process and architecture diagrams

About You:

• Track record of experience as a SOC Analyst performing incident handling, sensor alert tracking, and/or cybersecurity case management
• Must have experience programming in at least one of the following: Python, PowerShell, Bash, shell script, Batch, VBScript (Python experience preferable)
• Must have an understanding of cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security, and log collection and analysis
• Strong working knowledge of security-relevant data, including network protocols, ports, and common services, such as TCP/IP network protocols and application-layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory, etc.)
• Experience with and keen understanding of cybersecurity tools, including McAfee ePO/VSE/ENS, CrowdStrike, Splunk, ArcSight, ServiceNow
• Experience with network traffic analysis, automated malware analysis, raw packet captures, database technologies, web application technologies, firewall technologies, etc.
• Experience with cybersecurity forensics tools and methodologies (disk, file, and memory acquisition)
• Experience in tabletop exercises
• GCFA, GCFE, CISSP, GCIH, GCIA, or GNFA preferred
• Involvement in threat intelligence and cybersecurity communities
• Experience providing formal and informal training/instruction, and ability to communicate technical details effectively to junior IT personnel and C-level management
• Familiarity with the Linux command line
• Willingness to work overtime and adjust to reasonable demands from the customer, as and if required
• Able to multitask and give equal and/or required attention to a variety of functions while under pressure
• Ability to work independently and take ownership of projects and initiatives
• Excellent written and verbal communication skills required
• Experience in developing and maintaining Run-Books and/or Standard Operating Procedures in a SOC environment
• Strong troubleshooting, reasoning, and analytical problem-solving skills
• Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management
• Team player with the ability to work autonomously


Company Benefits and Perks:

Our corporate culture and values are central to McAfee’s philosophy. Every day we embrace a more diverse workforce and inclusive environment. We are encouraged to bring our true selves to work. Our wide range of social communities & programs, flexible work hours and family-friendly benefits, all allow our employees to feel valued as people, while enjoying positive and challenging work.

Perks may include:

  • Pension / Retirement Programs

  • Medical, Dental and Vision Coverage Programs

  • Paid Time Off

  • Support for Community Involvement

Posting Statement:

McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Job Type:

Experienced Hire

Primary Location:

US, New York, New York City

Additional Locations:
