Threat Hunting Analyst

Full Time
Research Triangle Park, NC
Job description
    *No Full-time Remote*
    Cisco's Security Visibility and Incident Command (SVIC) forms part of the investigative branch of Cisco's Security and Trust Organization (S&TO), and is Cisco's cyber investigations and forensics team. It provides Cisco with tailored security monitoring services in order to protect Cisco from cyber attacks and the loss of its intellectual assets. The primary mission of SVIC is to help ensure company, system, and data preservation by performing comprehensive investigations into computer security incidents, and to contribute to the prevention of such incidents by engaging in dedicated threat assessment, mitigation planning, incident trend analysis, and security architecture review. The Security Visibility and Incident Command is a highly functioning, diverse, and globally distributed group of best-in-class professionals from various technical backgrounds. We're Open Source Software contributors, technical authors, tool builders, DFIR community members, lock pickers, makers, and breakers.

    What You'll Do
    SVIC is looking for an experienced security professional to join SVIC's Threat Intelligence Operations and Research Team. This is an opportunity to contribute to a highly transparent security operations function with global impact upon Cisco, its diversified business, business units, service ventures, partners, and customers. We are looking for a motivated individual with good team fit and the ability to focus on data security and incident analysis. You have a very strong interest in complex problem solving and the ability to challenge assumptions, consider alternative perspectives, think nimbly, and perform in high-stress situations, while operating exceedingly well in a strong, tight-knit, collaborative team environment.

    Role & Responsibilities
      Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).
      Assist with setup and tuning of multiple security monitoring products and data feeds.
      Collaborate with data source SMEs in SVIC and InfoSec to enhance, improve, or modify cloud-based (IaaS, SaaS, etc.) security detection and response.
      Update, modify, and enhance existing programs used for security detection and response.
      Develop documentation on all custom solutions.
      Identify attackers and their methods, but also use your IT and networking expertise to improve detection logic.

    Role Specific Skills
    Attack Analysis:
      Log Analysis (System, Firewall, Application)
      Attacker Tools

    Cyber Threat Intelligence:
      Threat Hunting
      Intelligence Analysis
      Attacker Methodology
      Industry Peer Collaboration & Information Sharing

    Incident/Investigations Handling:
      CyberSecurity Impact Assessment
      CyberSecurity Problem Management
      Automation/SOAR
      Root Cause ID / LTF

    Non-Cisco Tools: Splunk, osquery, ThreatQuotient, MISP, Recorded Future, Volatility, Cuckoo, Maltego, PowerShell, Wireshark, EnCase, Tableau
    Cisco Tools: AMP4E, Network AMP, WSA, Firepower IPS, NGFW, ESA, CTA, ThreatGrid, Stealthwatch, Umbrella, SecureX, CPO

    Languages: Python, Go, Java, JavaScript, SQL, MySQL, MITRE ATT&CK
    Relevant Certifications:
    GSEC, GCIA, GISF, GCED, GCFA, GCFE, GREM, GCTI, GASF, GCEH, CISSP, CCSP, SSCP

    Minimum Qualifications
      Good technical skills in a variety of operating systems, languages, and databases
      Some scripting/coding abilities
      Agility and willingness to deal with a high level of ambiguity and change
      Flexibility – willingness to pitch in where needed across program and team
      Ability to work at Cisco's Research Triangle Park, NC campus (No Full-time Remote)
      Occasional travel (<10%)
      US Citizenship required
      An existing government security clearance is preferred, or the ability to obtain a clearance.

Message to applicants applying to work in the U.S.:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco pays at the standard rate of 1% of incentive target for each 1% revenue attainment against the quota up to 100%. Once performance exceeds 100% quota attainment, incentive rates may increase up to five times the standard rate with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.
