We are currently seeking a Sr. IT Security Threat Engineer for a contract opportunity with a prominent multinational chemical company in Houston, TX.
The IPC Senior IT Security Threat Engineer guides the architecture, management, and monitoring of enterprise-wide threat, incident, and event management and security analytics solutions that protect against intrusions by targeted threat actors, malware, hacking attempts, and other forms of cyber-attack. Your primary responsibilities will be maintaining the security analytics tool architecture, developing threat intelligence, monitoring incidents and events, analyzing the client's intrusion resistance, and leading the effort to automate, integrate, and aggregate the data systems needed to expedite accurate analysis.
This role will act as a security evangelist and will drive company-wide changes to discover and remediate weaknesses.
This position reports to the Information Protection Manager, Security and Forensics and is located at our North American Headquarters in Downtown Houston.
- Manage, operate, and maintain the SIEM (Splunk ES) and security analytics systems, along with the security monitoring tools used for intrusion analysis and incident response.
- Analyze the client's intrusion resistance on an ongoing basis and lead improvement efforts through automation, integration, and aggregation.
- Find or develop new threat intelligence, detection, and hardening strategies.
- Provide information protection expertise to IT operational teams to ensure systems are properly protected and monitored.
- Evangelize security within the client's organization and drive the changes needed to respond to emerging threats.
- Analyze cyber threat data and correlate it with the existing understanding of cyber threats impacting the client's environment.
- Profile new and emerging threats to the IT landscape.
- Serve as the technical lead to the event response team, providing mentoring to team members as needed.
- A minimum of 3 years’ experience performing security incident response.
- Bachelor’s degree in computer science, information systems, or related field or comparable work experience.
- Extensive experience with SIEM (Splunk ES) technology, including regular maintenance and tuning.
- Experience with SIEM (Splunk ES) content development such as correlation rules, filters, lists, views, and reports.
- Experience with security analytics technology and how it is used for security analysis.
- Experience with, and understanding of, the tactics, techniques, and procedures commonly used in targeted attacks.
- Strong general IT and information security background, including cryptography and network, systems, and physical security.
- Strong analytical and interpersonal skills.
- Large enterprise experience preferred.
- Deep subject-matter expertise in network-based and system-level attacks and mitigation methods.
- Solid scripting abilities (Perl, Python, shell, etc.).
- Expertise with log analysis and developing custom scripts/functionality as needed.
- Excellent verbal and written communication skills, to include forensic reports and investigation summaries.
- CISSP, CCNA, or other recognized security certifications desirable.
- Intercultural competence.