Advanced Threat Hunting Senior Engineer at Secureworks (DC-0046)
The Extended Detection and Response (XDR) Consultant is a fast-paced technical consulting role at the forefront of a global Incident Response Consulting team. A seasoned professional with excellent client interaction skills and appropriate technical knowledge will be successful in this role – focusing on responding to XDR customer requests for immediate assistance in investigating detected or suspected threat activity.
The XDR Consultant will be the first person from the Incident Response Consulting team to respond to XDR customer escalations. The ideal candidate will be able to rapidly assess the existing data to orient with regard to the threat levels being observed, and provide immediate containment and remediation advice to the customer. The ideal person is expected to collect and analyze additional data using digital forensic analysis techniques, to answer investigative questions that can’t be established purely from the available telemetry.
This position will require flexible work hours including weekend days to provide coverage across multiple time zones.
This is primarily a remote position.
- Work with Customers to rapidly assess Cyber Security Incidents that are escalated to Secureworks
- Manage urgent and critical interactions with Customer technical staff
- Maintain professional, calming, and authoritative presence in crisis situations
- Monitor several communication channels for incoming emergency response service requests
- Take ownership of, triage, and update tracking systems for service requests
- Gather contextual information from multiple sources to establish a service request course of action
- Meet service level agreements regarding initial response time and client notification as it pertains to Secureworks IR and managed XDR services
- Facilitate communications with customers and service delivery specialists to assess scope, objectives, and required skillsets for IR service requests
- Provide instructions in written and oral formats to customers for media handling and artifact collection that are required for IR service requests
- Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities
- Provide written and verbal handovers to an escalation team of senior responders or regional teams that the role will collaborate with
- Support the development and documentation of process and tooling improvements for efficient and effective response to MDR service requests
Knowledge, Skills, and Abilities:
- Excellent technical communication skills (oral and written) including experience briefing executive management and experience in times of crisis
- Theoretical and practical knowledge in the following areas:
  - Windows and Linux operating systems
  - Exploits, vulnerabilities, intrusion vectors, and malware
  - Host forensics, network forensics, and malware analysis techniques
  - Network traffic analysis, endpoint activity analysis, and log analysis techniques
  - Understanding of enterprise cyber incident management and response processes
  - Understanding of enterprise cybersecurity controls and failure modes
  - Working knowledge of modern Enterprise Detection and Response (EDR) tools
- Excellent organization and resource management skills
- Excellent capability to prioritize multiple and concurrent urgent tasks
- Excellent customer service skills and ability to quickly establish technical credibility and rapport with clients
- Minimum five (5) years of experience in cybersecurity operations or as an IT/Network Security Engineer
- Minimum three (3) years in a client facing support role (Security Engineer, Client Services, Consulting, Professional Services)
- Professional degree relevant to cybersecurity
- GCIH, GCFE, GCFA, GREM or similar certifications
Here are more reasons to join our team!
Take a look at what we offer and feel free to reach out to us for more details!
Development programs and cybersecurity training/certifications – because we grow together
Internal Career Progression Plan for top performers – we encourage you to follow internal opportunities
Regular workshops – we are the largest community of cybersecurity experts and we enjoy sharing our best practices during our Communities of Practice and with our trainees
Work from home policy – your time matters
Medical and Dental subscription – flexible package and you can include your family members
Annual Performance Bonus
Why work with us?
Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.
Secureworks® (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.