Who We Are

Our client is dedicated to creating a world where every organization can operate without fear of cyber threats. As a cybersecurity company, they protect, support, and empower organizations to make better security decisions, allowing them to focus on their missions without the threat of cyber incidents.

Their market-defining technology and expertise prevent breaches daily, setting a new industry standard for partnership. Grounded in their commitment to customers and core values, they have been recognized as one of Forbes Best Start-up Employers in 2022. If their mission resonates with you, let's talk.

What We Believe In

  • Do what’s right for the customer
  • Be kind and authentic
  • Deliver great quality
  • Be relentless

Challenges You Will Solve

The Cyber Incident Response Team (CIRT) at our client's company continually pushes the boundaries of threat detection and response through a unique combination of operations, threat research, and engineering, tightly integrated with the development team that designs their analysis platform and Threat Detection Engine.

The constantly evolving security landscape introduces new adversaries. The CIRT operates 24/7 to track down threats using the entirety of customer data and deliver fast and practical detections.

This is not a role where you are encouraged to passively accept the current state. At our client's company, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. The automation framework handles mundane tasks, allowing you to focus on solving complex and critical problems for customers.

What You'll Do

  • Use the detection platform to analyze EDR telemetry, alerts, and log sources across several detection domains (Endpoint, Identity, SIEM, Cloud/SaaS, etc.)
  • Publish threats for customers using concise communication while effectively conveying key and important indicators
  • Detector Development: Research coverage opportunities, create new detectors, and tune existing ones
  • Improve the CIRT workflow through orchestration & automation
  • Provide mentorship to peers and communicate effectively for efficient cross-team collaboration

What You'll Bring

  • Analysis experience and proficiency in one or more of the following functional areas: Endpoint (MDR), Cloud/SaaS, Identity, Email, SIEM
  • Proven experience with automation and orchestration to effectively handle a high volume of telemetry and logs in a timely and efficient manner
  • Strong written communication skills and the ability to work in a team-centric environment
  • Strong analytical thought process and critical thinking skills to translate disparate activity into threat analysis
  • Open-source intelligence research skills used in a fast-paced operational environment, with the ability to apply findings within the analytical workflow to identify threats
  • Experience leveraging the MITRE ATT&CK framework and familiarity with other alternative attack frameworks and threat models
  • Familiarity with backend data structures used for security analysis (JSON, YAML, etc.)
  • Experience using query languages and understanding syntax across EDR or other security platforms (SQL, K, Lucene, etc.)
  • Experience creating and tuning detectors/rules using commonly known tools such as YARA, SIGMA, Snort, Splunk, Elastic, etc.

Bonus Points

  • Enjoy impacting the Infosec community through writing blogs, participating in webinars, and presenting at conference talks
  • Experience using version control software for the deployment of detectors, rules, or other automations (GitHub, CircleCI, etc.)
  • Previous Red Team experience

Targeted base salary range: $95,000 - $117,900 + bonus eligibility and equity depending on experience