Signature Writing

As a Cybersecurity Lead with 4 - 9 years of experience, your role will involve managing the Incident Management Network Security Signature Writing team. You will be responsible for overseeing incident response, signature development, direct stakeholder management, team management, and project management. The ideal candidate for this position will have a strong background in cybersecurity incident response and network security along with excellent communication and leadership skills. Key Responsibilities: - Incident Monitoring and Response: Monitor security incidents, respond promptly, and escalate as needed. - Threat Analysis and Detection: Investigate security incidents, develop detection rules, and signatures. - Signature Development: Create signatures for vulnerabilities and perform vulnerability hunting. - Tool Management: Deploy, configure, and manage NDR tools. - Tuning and Optimization: Optimize security tools to reduce false positives. - Reporting and Documentation: Document and report on security incidents. - Research and Development: Stay updated with cybersecurity trends and improve detection capabilities. - Stakeholder Management: Engage with stakeholders and manage escalated issues. - Team Management: Lead and support the team. - Project Management: Oversee projects related to incident response and signature development. Preferred Skills: - Experience with Microsoft Defender or similar endpoint protection solutions. - Strong understanding of endpoint and network security threat detection and response. - Proficiency with SIEM platforms and scripting languages. - Knowledge of network protocols, firewall rules, and intrusion detection prevention systems. - Familiarity with advanced persistent threats, threat hunting, and incident response frameworks. - Understanding of IPS/IDS signatures and Rapid7 recognition signatures. - Good to have experience in malware and threat analysis and CVE hunting. This role requires flexibility for shifts, holidays, and on-call responsibilities as it operates within a 24x7x365 environment. Mandatory Skills: - Threat Landscape - Kusto - M365D - ITIL - Signature Writing - CVE Hunting - Python - C#,