Security Threat Detection Engineer
Remote - US
LiveRamp is the leading data connectivity platform for the safe and effective use of data. Our platform powers people-based customer experiences that improve the relevance of marketing and allow consumers to connect with the brands and products they love. We thrive on solving fascinating technical problems and enabling our customers’ success—and we’re always looking for smart, kind, compassionate people to help us blaze a trail.
Mission: LiveRamp makes it safe and easy for businesses to use data effectively.
LiveRamp is seeking an experienced leader to drive all aspects of our security automation, engineering, and threat detection. This role will report to the Director of Information Security Operations, and work with cross-functional teams and external parties to develop and operationalize automation use cases. This role will increase operations maturity by converging automation, incident response, and threat intelligence. In addition to automation, this role
- Assess the event visibility and log coverage of the SIEM, and work with DevOps, Software Engineers, and platform owners to configure log forwarding to increase event visibility
- Plan, implement, manage upgrades to security solutions and platforms
- Configure and optimize tools in the security stack, e.g., CASB, DLP, EDR
- Using the MITRE ATT&CK framework, develop, test, and implement new or customs threat detections for resources in cloud environments
- Research new threats, attach techniques and methods
- Design and lead threat hunt exercises with SIEM, log aggregation, and EDR technologies
- Support, provide insight into automation and orchestration workstreams
- Become familiar with and adapt skill set for automation in the SOAR platform
- Perform activities that mimic threat actor behavior to test visibility, security controls and detections, and make recommendations for improvements
- Be the point of contact for red team or pen test engagements performed
- Validate and make recommendations for remediation from bug bounty program findings
- Work collaboratively with DevOps, engineering, product, and cloud infrastructure teams to lead process improvements and improve overall security effectiveness
- Participate in change control processes that may have impact to LiveRamp’s security posture
Your team will:
- Improve security alert triage and speed by implementing orchestration and automation
- Conduct threat hunting exercises looking for specific malicious activity
- Improve SIEM logging, monitoring, and threat detection capabilities for production and corporate IT assets
- Bachelor or Masters degree in Cyber Security, Security Engineering, Computer Engineering, Computer Science, Management Information Systems, or similar technical discipline
- Diverse knowledge of web proxies, firewalls, IDS/IPS, IT infrastructure and processes
- Ability to write scripts and create tools using Python, C++, Java, Ruby, and/or PowerShell
- Prior security analyst experience with knowledge in Windows, MacOS, and Linux operating systems
- Knowledge of cloud computing and cloud technologies
- Experience conducting investigations in EDR, SIEM, and DLP technologies
- One or more certifications, including but not limited to CCSP, CCSK, GCIH, GDAT, GCIA, GREM, GCFA, GSEC, CISSP, AWS Cloud Practitioner or GCP Cloud Engineer
- Knowledge malware analysis, forensic analysis and incident response investigations
- Network security monitoring and analysis
- Malware reverse engineering
- Cloud security experience
- People: work with talented, collaborative, and friendly people who love what they do.
- In-Office Food: enjoy catered meals, boundless snacks, and the occasional food truck.
- Fun: we host in-person and virtual events such as game nights, happy hours, camping trips, and sports leagues.
- Work/Life Harmony: flexible paid time off, remote work opportunities, and paid parental leave.
- Whole Health Package: medical, dental, vision, and disability insurance. Plus mental health support (via Talkspace) and fitness reimbursement up to $100 per month.
- Savings: our 401K matching plan helps you plan ahead.
- Commuter Subsidy: $75 per month to be used toward commuter cards, monthly parking, rideshare pools, or metro/bus passes.
- Location: work remotely from your home office.
More about us:
To all recruitment agencies: LiveRamp does not accept agency resumes. Please do not forward resumes to our jobs alias, LiveRamp employees or any other company location. LiveRamp is not responsible for any fees related to unsolicited resumes.