CLEAR // biometric identity platform

Founded in 2010, CLEAR's mission is to create frictionless experiences. With more than 12 million members & hundreds of partners across the world, CLEAR's identity platform is transforming the way people live, work, & travel. Whether it's at the airport, the stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, & more seamless. Since day one, CLEAR has been committed to privacy done right.

We are looking for a Senior Threat Hunting Analyst to join our team. The ideal candidate has a strong drive to solve security challenges & the desire to implement best-in-class security measures using cutting-edge technology. The right person for this role has a proven track record of delivering high-quality security solutions in a scaling environment.

What You Will Do:

  • Implement new detection capabilities & improve upon existing security tools & playbooks
  • Review audit logs & identify suspicious or anomalous behavior
  • Create & disseminate summary reports, investigation reports, & threat briefs
  • Recommend remediation activities that close the source or initial point of access of an intrusion
  • Collaborate with threat intelligence support teams to mitigate risk from contact & horizon threats
  • Provide targeted attack detection & analysis, including the development of custom signatures, log queries, & analytics for the identification of targeted attacks
  • Develop & execute custom scripts to identify host-based indicators of compromise. Determine the scope of an intrusion, identifying the initial point of access or source
  • Provide executive level cyber security strategic recommendations along with security engineering recommendations & custom solutions to counter adversarial activity
  • Develop analytics to correlate IOCs & maximize threat detection capabilities based on defense analysis processes. Conduct analysis of network traffic & host activity across a wide array of technologies & platforms
  • Assist in incident response activities such as host triage & retrieval, malware analysis, remote system analysis, end-user interviews, & remediation efforts. Compile detailed investigation & analysis reports for internal SOC consumption & delivery to management
  • Develop detection techniques & countermeasures in response to threat actor tactics, techniques, & procedures (TTPs)
  • Analyze network traffic, IDS/IPS events, packet capture, FW logs, malicious campaigns & evaluate the effectiveness of security technologies
  • Provide expert analytic investigative support of large scale & complex security incidents
  • Support the incident response team by providing advanced analysis services when requested, including independent analysis of security events & recommendations for containment & remediation processes
  • Perform root cause analysis of security incidents to further enhance the alert catalog. Review alerts generated by detection infrastructure for false positives & tune alerts as needed
  • Provide forensic analysis of network packet captures, DNS, proxy, VPC Flow Logs, malware, host-based security & application logs, as well as logs from various types of security sensors

Who You Are:

  • Bachelor's degree in Computer Science, Information Systems Management, Engineering, or a related field; equivalent experience considered
  • 6 to 10 years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, & malware triage & identification
  • Highly desired: Certifications such as OSCP or other recognized pentesting or threat hunting certs
  • Knowledge & experience with digital forensic processes, chain of custody, & evidence preservation to include disk, file, memory, & network capture, imaging & analysis
  • Experience with packet analysis & usage of deep packet inspection toolsets
  • Knowledge & experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix
  • Working knowledge of Advanced Persistent Threats & cyber crime TTPs
  • Strong working knowledge of EDR & SOAR solutions
  • Strong experience with Splunk & Splunk Enterprise Security, & the ability to apply analytical techniques to large data sets
  • Strong experience with Azure & AWS cloud infrastructure/security
  • Strong command of scripting languages for automation, such as Python, PowerShell, & Bash
  • Experience with Security Operations
  • A working understanding of mobile & container security

© 2023 GarysGuide