67 Snort Jobs - Page 3

Do you like working on identifying and preventing potential cybersecurity risks? Are you ready for the next step in your career? Join our Digital Technology Team! Our Digital Technology business provides intelligent, connected technologies to monitor and control our energy extraction assets. We provide customers with the peace of mind needed to reliably and efficiently improve their operations. Our team creates business value through continuous improvement in up-time, resilience, performance, time to market, security and compliance Partner with the best As an Incident Response Analyst you will play a crucial role in safeguarding Baker Hughes information systems by analyzing a wide range of cybersecurity events. Your primary focus will be on identifying, investigating, and interpreting security incidents and trends, and making recommendations on appropriate containment and remediation steps. You will be at the forefront of detecting potential threats and vulnerabilities, providing critical insights that drive our cybersecurity defense strategies. As a Incident Response Analyst you will be Responsible for : Leading technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events. Specializing in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM) Performing daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Event Triage Analysts Mentoring and train Event Analysts as required. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Fuel your passion Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 4 years of professional experience in STEM related degree, Political Science/Government/International Affairs. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Strong verbal and written communication skills Detailed understanding of APT, Cyber Crime and other associated tactics Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry Knowledge of and/or working on Baker Hughes OT products Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology Experience with host based detection and prevention suites (Microsoft Defender, OSSEC, Yara, MIR, Carbon Black, Tanium, etc.) Experience with host-centric tools for forensic collection and analysis (Microsoft Defender, Sleuth Kit, Volatility Framework, FTK, Encase, etc.) Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis) Experience with malware and reverse engineering (Dynamic and static analysis) Strong IT infrastructure background including familiarity with the following: Networking (TCP/IP, UDP, Routing) Applications (HTTP, SMTP, DNS, FTP, SSH, etc.) Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.) System/Application vulnerabilities and exploitation Operating systems (Windows, *Nix, and Mac) Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques CISSP, CISM or related SANs certifications preferred Active US government security clearance Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive. Occasionally working remotely from home or any other work location Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. R147718 Show more Show less

Do you like working on identifying and preventing potential cybersecurity risks? Are you ready for the next step in your career? Join our Digital Technology Team! Our Digital Technology business provides intelligent, connected technologies to monitor and control our energy extraction assets. We provide customers with the peace of mind needed to reliably and efficiently improve their operations. Our team creates business value through continuous improvement in up-time, resilience, performance, time to market, security and compliance Partner with the best As an Incident Response Analyst you will play a crucial role in safeguarding Baker Hughes information systems by analyzing a wide range of cybersecurity events. Your primary focus will be on identifying, investigating, and interpreting security incidents and trends, and making recommendations on appropriate containment and remediation steps. You will be at the forefront of detecting potential threats and vulnerabilities, providing critical insights that drive our cybersecurity defense strategies. As a Incident Response Analyst you will be Responsible for : Leading technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events. Specializing in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM) Performing daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Event Triage Analysts Mentoring and train Event Analysts as required. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Fuel your passion Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 4 years of professional experience in STEM related degree, Political Science/Government/International Affairs. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Strong verbal and written communication skills Detailed understanding of APT, Cyber Crime and other associated tactics Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry Knowledge of and/or working on Baker Hughes OT products Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology Experience with host based detection and prevention suites (Microsoft Defender, OSSEC, Yara, MIR, Carbon Black, Tanium, etc.) Experience with host-centric tools for forensic collection and analysis (Microsoft Defender, Sleuth Kit, Volatility Framework, FTK, Encase, etc.) Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis) Experience with malware and reverse engineering (Dynamic and static analysis) Strong IT infrastructure background including familiarity with the following: Networking (TCP/IP, UDP, Routing) Applications (HTTP, SMTP, DNS, FTP, SSH, etc.) Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.) System/Application vulnerabilities and exploitation Operating systems (Windows, *Nix, and Mac) Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques CISSP, CISM or related SANs certifications preferred Active US government security clearance Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive. Occasionally working remotely from home or any other work location Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. R147718 Show more Show less

Do you like working on identifying and preventing potential cybersecurity risks? Are you ready for the next step in your career? Join our Digital Technology Team! Our Digital Technology business provides intelligent, connected technologies to monitor and control our energy extraction assets. We provide customers with the peace of mind needed to reliably and efficiently improve their operations. Our team creates business value through continuous improvement in up-time, resilience, performance, time to market, security and compliance Partner with the best As an Incident Response Analyst you will play a crucial role in safeguarding Baker Hughes information systems by analyzing a wide range of cybersecurity events. Your primary focus will be on identifying, investigating, and interpreting security incidents and trends, and making recommendations on appropriate containment and remediation steps. You will be at the forefront of detecting potential threats and vulnerabilities, providing critical insights that drive our cybersecurity defense strategies. As a Incident Response Analyst you will be Responsible for : Leading technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events. Specializing in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM) Performing daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Event Triage Analysts Mentoring and train Event Analysts as required. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Fuel your passion Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 4 years of professional experience in STEM related degree, Political Science/Government/International Affairs. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Strong verbal and written communication skills Detailed understanding of APT, Cyber Crime and other associated tactics Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry Knowledge of and/or working on Baker Hughes OT products Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology Experience with host based detection and prevention suites (Microsoft Defender, OSSEC, Yara, MIR, Carbon Black, Tanium, etc.) Experience with host-centric tools for forensic collection and analysis (Microsoft Defender, Sleuth Kit, Volatility Framework, FTK, Encase, etc.) Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis) Experience with malware and reverse engineering (Dynamic and static analysis) Strong IT infrastructure background including familiarity with the following: Networking (TCP/IP, UDP, Routing) Applications (HTTP, SMTP, DNS, FTP, SSH, etc.) Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.) System/Application vulnerabilities and exploitation Operating systems (Windows, *Nix, and Mac) Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques CISSP, CISM or related SANs certifications preferred Active US government security clearance Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive. Occasionally working remotely from home or any other work location Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. R147718 Show more Show less

Must have skills : Azure Sentinel L2/L3 SOC Analyst Preferred : HYD Exp : Minimum 6 yrs in security domain, and atleast 3 yrs as L2/L3 JD : .Develop and maintain playbooks runbooks and incident response procedures .Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities .Conduct post incident reviews and root cause analysis .Mentor and train L1 and L2 SOC analysts .Recommend and implement improvements to SOC tools processes and detection rules .Stay current with emerging threats vulnerabilities and security technologies .The expectations from the graders would be .To evaluate the tasks that are being fed into the agent for their real world applicability .To evaluate the agent output to come up with a ground truth and rate the agent output in a .Predefined rubric based on the inputs provided by us .To have very deep SOC analyst experience and insights This also includes any other skills needed .T.o evaluate the agent output The ability to scale to around min 2030 evaluations per day per grader based on the complexity of the task. Core Technical Skills:- .SIEM Tools eg Splunk QRadar Microsoft Sentinel .Endpoint Detection and Response EDR eg CrowdStrike SentinelOne .Firewall and IDSIPS eg Palo Alto Snort Suricata .Log Analysis and Packet Capture Analysis eg Wireshark .Threat Intelligence Platforms eg MISP Recorded Future .Incident Response and Forensics .Scripting Automation Python PowerShell Bash .Operating Systems Windows Linux macOS .Networking Fundamentals TCPIP DNS HTTP VPNs Kindly share your CV at Ranjana.singh1@ltimindtree.com Regards Ranjana Singh Show more Show less

Req ID: 321051 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Sol Architect - Network Security Advisor to join our team in Bangalore, Karnātaka (IN-KA), India (IN). Drive for results - Ability to grasp complex issues to arrive at optimal solutions - Strong ethics and integrity - Flexible to changing needs of customer , account and team - Excellent customer facing communication skills, customer support and knowledge of ITIL best practices. ITIL certification is a plus. - High-level experience and proved knowledge in Algosec tool and atleast 2 network security products likes Firewalls (Watchguard, Cisco, Palo Alto), Content Filtering (Cisco Umbrella, Bluecoats, Websense, McAfee Web gateway) and IDS/IPS (Cisco Sourcefire, McAfee, Tipping Point, Snort) - Strong working knowledge of Algosec. - High-level networking troubleshooting skills and extensive knowledge of web connectivity and protocols (WCCP, PAC files, TCP/IP, HTTP, HTTPS, SSL, FTP, Telnet, SSH, etc.) - Understanding the integration with authentication protocols such as LDAP, IWA, IWA-direct, SSO, Active directory. - Candidate must possess good time management skills to properly manage operations duties and other task that will assist in the optimization of the Network Security team - Clear understanding of Windows and Linux operating systems - 8+ years of network troubleshooting experience and at least 4-5 years Network Security administration and design experience - Bachelor's degree or equivalent experience. About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.

About the job Company Name: Helix Tech INC Job Title : Cyber Security / Networking Technical Expert Company Website: https://helixtechinc.com/ Location: Ahmedabad, Gujarat Shift: US Shift (Night Shift) Working Days: 5 Days working (Monday to Friday) Work From Office Only Requirements: Prepare the Candidates to crack Interviews with fortune 500 companies, help to improve their technical skills and mentor them, also evaluate them to identify areas for improvement. Conduct training and development assessment of candidates for different tools and technologies with real-time projects. Develops training and development programs and objectives. Obtains and /or develops effective training materials utilising a variety of media. Coordinate with candidates to provide the skills and knowledge in different tools and technologies. Create Plans, organise, and facilitate training for candidate development and training sessions. Required Skills: Bachelor’s degree in computer science, software engineering, or a similar field. Advanced knowledge of Cybersecurity technologies 3+ years of work experience in the above-mentioned area Experience in IT Project Management is a plus Knowledge of network technologies (Network, Firewall architecture) and Server operating systems Networking Protocols: TCP/IP, IPv4, VPN, HTTP, DNS, LAN/WAN, OSPF, BGP Security Tools: Nmap, Snort, TCPDUMP, Nessus, Wireshark, Core Impact, OpenVAS, HIDS/HIPS, SIEM, Active Directory, IDS, IPS, DNS, DHCP, Splunk, Burp suite, OWASP, SIM Tools, Vulnerability Scanning Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹18,086.00 - ₹32,727.29 per month Benefits: Internet reimbursement Paid sick time Schedule: Fixed shift Monday to Friday Night shift US shift Supplemental Pay: Overtime pay Performance bonus Quarterly bonus Work Location: In person

The Security Engineer is responsible for designing, implementing, and maintaining security across all products and infrastructure, with a focus on both blockchain/wallet and general application security. This role requires a strategic mindset, strong risk management skills, and the ability to communicate security concepts to both technical and non-technical stakeholders. The ideal candidate is proactive, detail-oriented, and committed to fostering a culture of security throughout the organization. Responsibilities Develop and enforce security policies, standards and best practices. Lead security architecture reviews and risk assessments. Collaborate with engineering, product, and operations teams to ensure secure design and implementation. Oversee incident response, forensics, and post-incident analysis. Conduct security awareness training and promote a security-first culture. Stay current with emerging threats, vulnerabilities, and security technologies. Ensure compliance with relevant regulations and industry standards. Coordinate with external auditors, partners, and vendors on security matters. Qualifications and Experience Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). Relevant security certifications (CISSP, CISM, CEH, OSCP, etc.). 5+ years of experience in security engineering or related roles. Demonstrated experience with both blockchain and traditional application/infrastructure security. Experience leading security initiatives and incident response. Deep understanding of security frameworks, standards, and regulations (NIST, ISO 27001, GDPR, etc.). Awareness of current threat landscape and security technologies. Familiarity with blockchain security and smart contract vulnerabilities.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participates in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform as-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participates in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform as-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participates in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform as-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participates in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform as-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participates in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform as-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Cybersecurity Analyst Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 Months Stipend for Top Interns: ₹15,000 Certificate Provided | Letter of Recommendation | Full-Time Offer Based on Performance About the Company: INLIGHN TECH empowers students and fresh graduates with real-world experience through hands-on, project-driven internships. The Cybersecurity Analyst Internship is tailored to develop your expertise in identifying and mitigating cyber threats while gaining practical knowledge of modern security tools and frameworks. Role Overview: As a Cybersecurity Analyst Intern, you will work on monitoring networks, analyzing threats, and helping ensure the security of digital infrastructure. This internship will deepen your understanding of incident response, threat intelligence, and proactive defense strategies in a real-world context. Key Responsibilities: Monitor security systems and analyze logs for suspicious activity Conduct vulnerability assessments and recommend remediation steps Assist in security audits and compliance checks Perform malware analysis and track threat actors using threat intelligence platforms Document security incidents and prepare reports on findings Support the implementation of cybersecurity best practices and policies Qualifications: Pursuing or recently completed a degree in Cybersecurity, Information Security, Computer Science, or a related field Strong understanding of network protocols, firewalls, and endpoint protection Familiarity with security tools such as Wireshark, Snort, Nessus, or Splunk Awareness of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST) Good problem-solving and analytical thinking skills Eagerness to learn, investigate, and defend against cyber threats Internship Benefits: Hands-on experience with cybersecurity tools and threat detection methods Certificate of Internship upon successful completion Letter of Recommendation for top performers Build a strong portfolio of cybersecurity analysis and incident response case studies Show more Show less

Location Mumbai, Maharashtra, India Category Digital Technology Job ID: R147718 Posted: May 21st 2025 Job Available In 5 Locations Incident Response Analyst Do you like working on identifying and preventing potential cybersecurity risks? Are you ready for the next step in your career? Join our Digital Technology Team! Our Digital Technology business provides intelligent, connected technologies to monitor and control our energy extraction assets. We provide customers with the peace of mind needed to reliably and efficiently improve their operations. Our team creates business value through continuous improvement in up-time, resilience, performance, time to market, security and compliance Partner with the best As an Incident Response Analyst you will play a crucial role in safeguarding Baker Hughes information systems by analyzing a wide range of cybersecurity events. Your primary focus will be on identifying, investigating, and interpreting security incidents and trends, and making recommendations on appropriate containment and remediation steps. You will be at the forefront of detecting potential threats and vulnerabilities, providing critical insights that drive our cybersecurity defense strategies. As a Incident Response Analyst you will be Responsible for : Leading technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events. Specializing in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM) Performing daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Event Triage Analysts Mentoring and train Event Analysts as required. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Fuel your passion Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 4 years of professional experience in STEM related degree, Political Science/Government/International Affairs. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Strong verbal and written communication skills Detailed understanding of APT, Cyber Crime and other associated tactics Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry Knowledge of and/or working on Baker Hughes OT products Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology Experience with host based detection and prevention suites (Microsoft Defender, OSSEC, Yara, MIR, Carbon Black, Tanium, etc.) Experience with host-centric tools for forensic collection and analysis (Microsoft Defender, Sleuth Kit, Volatility Framework, FTK, Encase, etc.) Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis) Experience with malware and reverse engineering (Dynamic and static analysis) Strong IT infrastructure background including familiarity with the following: Networking (TCP/IP, UDP, Routing) Applications (HTTP, SMTP, DNS, FTP, SSH, etc.) Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.) System/Application vulnerabilities and exploitation Operating systems (Windows, *Nix, and Mac) Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques CISSP, CISM or related SANs certifications preferred Active US government security clearance Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive. Occasionally working remotely from home or any other work location Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

Cybersecurity Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 Months Stipend for Top Interns: ₹15,000 Certificate Provided | LOR | Potential Full-Time Offer Based on Performance About the Company: INLIGHN TECH aims to bridge the gap between academic learning and industry demands by providing hands-on, project-based internships. Our Cybersecurity Internship offers aspiring professionals the chance to work on real security projects, gaining vital experience in threat detection, incident response, and secure system design. Role Overview: As a Cybersecurity Intern, you will work with our security team to monitor systems, identify vulnerabilities, and assist in strengthening our digital infrastructure. This role is designed to build your foundational knowledge of cybersecurity practices and tools through practical application. Key Responsibilities: Monitor network and system security for unusual activity or threats Conduct vulnerability assessments and assist in patch management Use tools such as Wireshark , Kali Linux , Nmap , and Snort for analysis Help in investigating security breaches and preparing incident reports Research current cyber threats, malware, and attack vectors Contribute to documentation of security policies, protocols, and best practices Qualifications: Currently pursuing or recently completed a degree in Cybersecurity , Information Technology , Computer Science , or a related field Familiarity with network security concepts , firewalls , and intrusion detection systems Basic experience with tools like Nmap , Wireshark , Kali Linux , etc. Understanding of threat modeling and security principles Strong analytical thinking, attention to detail, and eagerness to learn Internship Benefits: Real-world exposure to cybersecurity frameworks and tools Certificate of Internship on successful completion Letter of Recommendation for outstanding performance Build a portfolio of security projects and reports Potential stipend and full-time job offer for top performers Show more Show less

The Sr. QA Analyst will provide deep level analysis for client investigations utilizing customer provided data sources, audit, and monitoring tools at both the government and enterprise level. The Sr. Threat Analyst will work closely with our Technology Engineers, Architects, and Threat Analysts to service customers. How You’ll Make An Impact High level professional writing experience regarding documenting and reporting on potential security incidents identified in customer environments to include timeline of events. Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets. Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc. Perform knowledge transfers, document, and train clients regarding mitigation of identified threats. Provide ongoing recommendations to peers and customers on tuning and best practices. Actively research current threats and attack vectors being exploited in the wild Actively work with analysts and perform investigations on escalations. Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach. Provide gap analysis for clients to better their security posture. Maintain and develop SOPs for threat analyst team. Develop and maintain Playbooks and runbooks. Work with internal teams to increase efficiency and effectiveness of security analysis provided by the threat analysis team. Training of new analysts on security and tools Create and maintain Content Catalog based on security essentials and the evolving threat landscape. Provide quality assurance (QA) review of security alerts handled by Team members. Conduct regular security audits to ensure compliance with industry standards and regulations. Evaluate security controls, policies, and procedures. Identify vulnerabilities and enhance remediation actions. What We’re Looking For Five years of full-time professional experience in the Information Security field Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment as a point of escalation. Excellent time management, reporting, and communication skills including customer interactions and executive presentations. Data analysis using SIEM, Database tools, and Excel. Experience troubleshooting security devices and SIEM. Ability to create and maintain content within SIEM environments and make recommendations to clients to better their visibility. IDS monitoring/analysis with tools such as Sourcefire and Snort Experience with SIEM platforms preferred (QRadar, LogRhythm, McAfee/Nitro, ArcSight, Splunk) a plus. Experience with audit tools, MS office, Power BI Knowledge of security information and event management (SIEM) systems. Understanding of cloud security and virtualization. Direct (E.g., SQL Injection) versus indirect (E.g., cross-site scripting) attacks Experience with the following attacks: Web Based Attacks and the OWASP Top 10, Network Based DoS, Brute force, HTTP Based DoS, Denial of Service, Network Based / System Based Attacks. Familiarity with SANS top 20 critical security controls Understand the foundations of enterprise Windows security including Active Directory, Windows security architecture and terminology, Privilege escalation techniques, Common mitigation controls and system hardening. Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS) Experience in monitoring at least one commercial AV solution such as (but not limited to) McAfee/Intel, Symantec, Sophos, or Trend Micro Ability to identify common false positives and make suggestions on tuning. Understanding of root causes of malware and proactive mitigation Propagation of malware in enterprise environments Familiarity with web-based exploit kits and the methods employed by web-based exploit kits. Familiarity with concepts associated with Advanced Persistent Threats and “targeted malware.” Experience and understanding of malware protection tools (FireEye) and controls in an enterprise environment. Covert channels, egress, and data exfiltration techniques Familiarity with vulnerability scoring systems such as CVSS. Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks This team provides 24/7 support. This role requires shift flexibility, including the ability to rotate between days, mids, and nights. What You Can Expect From Optiv A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups. Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time. Show more Show less

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.