Cyber Security Senior Advisor - Threat Intelligence Content
Bucharest, Romania 08/28/2018
Dell is a collective of customer-obsessed, industry-leading visionaries. We believe that technology is essential for driving human progress, and the technology we provide transforms the way we all work and live. But we are more than a technology company — we are a people company. We recognize that over 100,000 employees across six continents have different interests and aspirations. We inspire, challenge and respect each and every one of them, every day. And we provide them with unparalleled growth and development opportunities.
The Advanced Hunting and Harvesting Endpoint functional role focuses on advanced hunting efforts related to host forensic-based events. The role also collaborates closely with content engineering, threat intelligence curation and the advanced hunting and harvesting network role. The role is responsible for using tools and techniques to find previously undiscovered threats through cutting-edge analysis of host-based artefacts, as well as handling escalations from L1/L2 analysts who need incident investigation assistance.
- Providing advanced analysis by leveraging existing tools and reports to review incident event detail to support response teams
- Collaboration with content engineers in the development of new and improved tools, rules and signatures to further enrich and analyze incident data
- Provide L3/L4 escalation support to response teams through host forensic analysis, harvesting new IoCs, TTPs and Threat Actors from analysis discoveries or escalations and providing them to curation for collection and categorization
- Providing detailed executive and technical briefings related to declared incidents during and post incident, providing incident post-mortem recommendations and providing tactical defensive guidance during declared incidents
- Create WAF or EDR content in order to detect and prevent attacks.
- 5+ years of relevant experience, ideally graduate/masters in Computer Science, Information Science or Information Systems Management
- Excellent analytical and problem-solving skills, plus one or more programming/scripting languages (Python, Scala, Java, .NET, PowerShell)
- Knowledge of signature-based script detection technologies (Yara), good systems and network administration skills
- Understanding of popular enterprise client applications and their forensic footprint, reverse engineering malware and other executables
- Expertise in host-based detection, analysis and defense technologies (AV, NWE, CarbonBlack, RedCloak, McAfee HIPS)
- Experience with host forensic tools (examples: IDA Pro, OllyDbg, EnCase, Plaso, Log2Timeline) and understanding of multiple operating systems (Windows, Unix, Linux, OSX)
- Good knowledge of system internals, processes, memory and file systems, and understanding of the impact virtualization technologies have on the forensic process
- Mobile OS (Android, iOS)
- Virtualization and Cloud computing
- Machine Learning
- Behavioural analysis
- Big Data (Hadoop, Spark, Oozie, Drill)
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here.
Job Family: Cybersecurity Job ID: R63311