Consulting Engineer - Threat Hunting Analyst
Area of Interest: Customer Experience
Who You’ll Work With:
You will work as part of the Cisco Professional Services Security team delivering Security Operations Center (SOC) services for one of our strategic customers in Saudi Arabia. You will collaborate with the local onsite team and the team leads dedicated to this customer (working Sunday to Thursday, local hours 6 AM to 3 PM).
The primary objectives of the Security Threat Hunter are to deliver the Threat Hunting services and to participate in their ongoing enhancement.
The services include technical research into potential cyber security compromises, analysis of known and unknown threats, and identification and review of potential security incidents through the available information. The threat hunter is also expected to handle threat intelligence (leverage it, create it and share it) to enhance the overall quality of the services and the security posture of our clients.
What You’ll Do:
- Identify unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services
- As part of a team, operate and enhance threat hunting tools and platforms
- Implement techniques using the most advanced technologies to hunt for known and unknown threats in specific client environments, based on available threat intelligence reports and knowledge of the attackers' TTPs
- Perform initial investigations (lightweight forensics) on potential incidents identified as part of the services delivery
- Leverage threat intelligence, document threats as needed and share intelligence from analysis to further enhance service quality and delivery
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
Who You Are:
- Working experience in IT Security, with exposure to security monitoring, incident management and response
- Good understanding of cybersecurity topics and threat landscape
- Vulnerability and threat analysis experience
- Working knowledge of cybersecurity principles, techniques and technologies
- Strong analytical skills and efficient problem solving
- GCFA, GCIA, GREM, GCIH, CEH, OSCP and other relevant information security certifications
- Understanding of computer forensics
- Understanding of malware analysis and reverse engineering
- Good understanding of network protocols, design and operations
- Big data analytics skills
- Experience with various security monitoring and endpoint security tools
- Good understanding of the components of a threat intelligence capability
- Experience with ArcSight and Splunk (SIEM), Fidelis (EDR) and Demisto (SOAR) is an advantage
We Are Cisco
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here’s how we do it.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (30 years strong!) and only about hardware, but we’re also a software company. And a security company. A blockchain company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!
But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it).
Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA). We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.