CLEAR // biometric identity platform
Austin, Texas, United States    Posted: Friday, June 07, 2019

CLEAR makes life easier & more secure by using biometrics (your fingerprints, eyes & face) to confirm that you are you, & keep you moving. Imagine a world where you can do virtually everything you need to: breeze through the airport, buy a beer at the game, check in at the doctor's office, access your office building, & more, without ever pulling out your wallet or phone. Now in 45+ airports & other venues nationwide, you are your ID, credit card, ticket, reservation & more with CLEAR.

We're defining & leading an entirely new industry, moving quickly with data-informed decisions, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBC's Disruptor 50 List & winner of the SXSW Interactive Innovation Award, we're working tirelessly to create frictionless customer experiences for our 3+ million members across the country.

We are looking for a Senior Threat Hunting Analyst to join our team. The ideal candidate has a strong drive to solve security challenges & the desire to implement best-in-class security measures using cutting edge technology. The right person for this role has a proven track record of delivering high-quality security solutions in a scaling environment.

What You Will Do:

  • Support the incident response team by providing advanced analysis services when requested, including recommending containment & remediation processes & independent analysis of security events.
  • Implement new detection capabilities & improve upon existing security tools.
  • Review audit logs & identify/audit behavior.
  • Create & disseminate summary reports, investigation reports, & threat briefs.
  • Recommend remediation activities to secure the source or initial point of access of intrusion.
  • Provide cyber threat intelligence collection & correlation in coordination with a cyber-threat team.
  • Profile & track APT actors that pose a threat in coordination with threat intelligence support teams.
  • Provide targeted attack detection & analysis, including the development of custom signatures & log queries & analytics for the identification of targeted attacks.
  • Develop & execute custom scripts to identify host-based indicators of compromise.
  • Determine the scope of an intrusion, identifying the initial point of access or source.
  • Provide executive-level cyber security strategic recommendations along with security engineering recommendations & custom solutions to counter adversarial activity.
  • Develop analytics to correlate IOCs & maximize threat detection capabilities based on defense analysis processes.
  • Conduct analysis of network traffic & host activity across a wide array of technologies & platforms.
  • Assist in incident response activities such as host triage & retrieval, malware analysis, remote system analysis, end-user interviews, & remediation efforts.
  • Compile detailed investigation & analysis reports for internal SOC consumption & delivery to management.
  • Track threat actors & associated tactics, techniques, & procedures (TTPs); capture intelligence on threat actor TTPs & develop countermeasures in response.
  • Analyze network traffic, IDS/IPS/DLP events, packet captures, FW logs & malicious campaigns, & evaluate the effectiveness of security technologies.
  • Provide expert analytic investigative support for large-scale & complex security incidents.
  • Perform Root Cause Analysis of security incidents to further enhance the alert catalog; review alerts generated by detection infrastructure for false positives & modify alerts as needed.
  • Provide forensic analysis of network packet captures, DNS, proxy, VPC flow, malware, host-based security & application logs, as well as logs from various types of security sensors.

Who You Are:

  • Bachelor's degree in Computer Science, Information Systems Management, Engineering or a related field.
  • 4+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using a SIEM, & malware triage.
  • Experience with packet analysis & usage of deep packet inspection toolsets.
  • Knowledge of & experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix.
  • Familiarity with EDR/SOAR/anomaly detection solutions.
  • Experience with Splunk & Splunk Enterprise Security.
  • Strong usage of scripting languages for automation, such as Python, PowerShell, Bash.
  • Experience with Security Operations.
  • A working understanding of cloud security, mobile security & container security.
  • Experience with APT/crimeware ecosystems.