Principal Senior Cyber threat security Engineer - (R-13319)

Why We Work at Dun & BradstreetDun & Bradstreet unlocks the power of data through analytics, creating a better tomorrow. Each day, we are finding new ways to strengthen our award-winning culture and accelerate creativity, innovation and growth. Our 6,000+ global team members are passionate about what we do. We are dedicated to helping clients turn uncertainty into confidence, risk into opportunity and potential into prosperity. Bold and diverse thinkers are always welcome. Come join us!
Brief Description: The Security Operations team is looking for an experienced Cyber Security Detection Engineer with a strong passion for information security and a burning desire to learn. This individual will participate in Developing and Deploying Detections in various SIEM and EDR platforms, as well as working on security automations. The candidate should have experience with scripting languages as well as data query languages. Experience working with a SOAR platform also a plus. We value strong technical expertise combined with a relentlessly curious nature, to investigate and analyze large sets of data.
Essential Key Responsibilities/Job Summary:1. Detection Engineering activities: drive security operations detection engineering activities, working with SIEM technologies like Splunk and Chronicle.2. Process Improvement: Execute, develop, and document Detection Code and processes. Experience with source version control systems like Github also desired.3. Cyber Threat Intelligence Analysis: Analyze and interpret CTI data included but not limited to TAXII/STIX, Indicators of compromise, MITRE ATT&CK, and SIGMA.4. Scripting and Query building: Develop scripts to perform security automation tasks and build queries to extract data from different environments to be used in detection and automation code.5. Configure Alerts: Provision alerts on various detection platforms including but not limited to SIEM, EDR, MDR etc.6. Identify Gaps: Investigate and document gaps in controls, event data, and work with internal teams to resolve7. Report Review: Review daily and weekly reports for issues regarding system log health, triggered detections, and Alert volumes etc.
Education/Experience and Competencies1. Minimum 7 years of information security experience; specifically, around configuring and developing security detections, event pipelines, and log analysis as well as scripting to automate the efforts of such tasks.2. Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles.3. Knowledge of common networking services and protocols.4. Experience with common security technologies (IDS, Firewall, SIEM, etc.)5. Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level