Responsibilities
- Develop new cyber detections for threats using SIEM and other security tools.
- Automate processes for triaging security incidents and incident response.
- Assess software and service requests from within the organization.
- Deploy and develop solutions to secure Stack AV’s infrastructure and data.
- Conduct vulnerability and security assessments on Stack’s infrastructure.
- Respond to security incidents and drive mitigation efforts.
Requirements
- Experience with Security Information and Event Management (SIEM) tools like Splunk or Elastic.
- Threat hunting experience across various logs and data sources.
- Experience with Endpoint Detection and Response (EDR) tools such as CrowdStrike.
- Thorough understanding of security best practices for macOS, Linux, and Windows.
- Experience creating threat and DLP signatures for various security solutions.
- Extensive experience in developing and automating incident response policies.
- Strong technical troubleshooting skills for complex project delivery.
- Knowledge of network orchestration and automation using Python and Ansible.
- Experience with DevSecOps practices and securing containerization technologies.