Los Angeles, United States
over 1 year ago
Reporting to the Security Infrastructure and Incident Response manager, this is a hands-on security position working within the Information Security group and with the internal IT department at large. This position’s core focus is to analyze various security data (primarily log data collected in a SIEM) and produce actionable and interesting insights regarding user behavior, emerging risks, unusual patterns, and produce other data models useful in the security space.
The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice.
- Learn numerous data sets to understand baseline norms
- Analyze the data sets to create models of the normal and the anomalous
- Work with the team to understand the technology stacks employed and how they relate to risk
- Ensure relevant data is coming into the SIEM so proper analysis can be performed
- Create dashboards for visualization to represent standard operational items (system health, etc.)
- Create dashboards specifically geared for researching or hunting specific kinds of threats
- Contribute to Red Team / Blue Team exercises (on the blue team) to test how well the threat detections are working and make continuous improvements
- Stay current on latest security trends and adapt models to remain current and applicable
- Play an active role in security incident response efforts, working to identify and mitigate information security threats
- Implement and Develop Machine Learning models for our UBA platform
- A bachelor’s, master’s, or PhD in a relevant field of work (Data Science, Statistics, Probability, Mathematics, Computer Science, etc.)
- An understanding of the fundamental operations of servers, operating systems, networks and cloud applications and infrastructure
- Be able to discuss, at length, information security concepts and how they map on to the realities of the current technology landscape
- Has built and managed frameworks to test and validate the effective operation of security controls; measuring the ability to stop threats and attacks at the earliest point in the kill chain.
- An understanding of machine learning models and algorithms and knowledge of when and how to most effectively implement them