Friday, August 14, 2020

TransUnion - Senior Analyst - Security Operations Center (3-8 yrs)

Summary :

- This role is a senior analyst GCC member of the TransUnion Global Threat Detection Services Operations team, which includes SOC analysts and incident handlers as well as people responsible for red teaming, intelligence analysis, and technical threat research.


- This role will focus on proactive monitoring and alert enhancements for TDS, DLP and other Cyber Threat initiatives when not leading cyber threat response efforts to complex attacks against TransUnion.

- Protecting the health and wellness of our associates and candidates considering a career at TransUnion is our highest priority. In supporting this vision, our recruitment and new hire experience for this role is fully virtual for the time being. 


- Candidates interviewing will get to know our team over the phone and video, and this role will operate virtually upon hire until we return to the office. Even though we're not physically together right now, our goal is to provide you a supportive candidate and new hire experience that will immerse you in our culture and set you up for success at TransUnion.

Responsibilities :

- Technical lead for SOC/TDS monitoring and response efforts leveraging threat intelligence, forensics and automation capabilities

- Technical lead for Data Loss Prevention and Data at Rest functions where user violations are thoroughly investigated

- Design and build custom tools for investigations and research capabilities

- Assist in the design, evaluation, and implementation of new security technologies

- Participation in the TDS/SOC emergency on-call rotation, which takes escalations from 24x7 TDS/SOC monitoring

- Triage of DLP alerts across various DLP tools

Experience and Expertise :

- Minimum of 3 to 5 years of Incident Response experience (identifying, investigating and responding to complex attacks)

- Strong host forensics analysis skills

- Experience conducting user investigations related to Data Loss Prevention based alerting as well as Insider Threat landscapes

- Strong Cloud background (CASB, O365, AWS)

- Experience with investigative technologies such as SIEM, packet capture analysis, and memory analysis tools

- Strong written and verbal communication skills to engage with company employees on DLP investigations and escalations

- Experience with Netskope, Microsoft 365 DLP, or Symantec DLP is a plus

- Ability to conduct analysis, escalation, and assistance in remediation of critical DLP incidents

- Strong understanding of threat landscape in terms of the tools, tactics, and techniques of threats employing both commodity and custom malware

- Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and Mac

- Intermediate Python skills a plus

- Reverse engineering skills a plus
