Cyber Threat Hunter I

MidAmerican Energy
Des Moines, United States of America
25 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior

Job location

Des Moines, United States of America

Tech stack

Bash
Big Data
C Sharp (Programming Language)
C++
Computer Programming
Database Queries
Query Languages
Elasticsearch
Perl
Python
Open Source Technology
Powershell
Ruby
Kusto Query Language
SQL Databases
Syslog
Rust
Snort (Software)
Cyber Threat Analysis
Information Technology
Process Control Systems
Kibana
Security Orchestration, Automation & Response
Go

Job description

Proactively identify cybersecurity incidents that may go undetected by other security tools. Respond to real-time security incidents and supports activities for response. Act as a liaison between the threat intelligence teams and the analyst teams to coordinate on emerging threats to the BHE networks., Hunt for existing threats or vulnerabilities already present in the networks. Analyze and correlate large data sets to uncover threats and attack techniques. This may entail taking emerging or developing reports of attacks and building or adjusting queries as needed to ensure the protection of the environment. 40%

Coordinate with threat intelligence analysts on emerging threats to the company or industry, seeking out potential issues in the environment. 30%

Assist endpoint and network protection SMEs in the development of protective or detective queries in existing tool sets that will allow for near real-time detection. When there is no threat immediately present, the potential for the threat in the future should be alerted on or blocked accordingly. 10%

Advise on tools, techniques, or policies to advance the posture and monitoring functions of the security operations center. This also includes environments beyond the enterprise networks such as Industrial Control System (ICS) environments. 10%

Provide timely and accurate cross-platform support in response to security threats. (10%)

Requirements

Bachelor's degree in Computer Science, Information Technology, or related field; or equivalent work experience.

Direct experience performing threat hunting in an enterprise environment.

Two years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence.

At least one year of hands-on experience with a production security toolset. Experience with an EDR/MDR/XDR, network tapping infrastructure, and security automation is preferred.

Knowledge of security principles is desired through achievement and active pursuit of advanced security certification including CISM or CISSP or equivalent.

Familiarity with at least one programming and scripting language s such as PERL, Python, Ruby, C#, C++, Go, Rust, BASH, and Powershell, as well as open source security tools such as Syslog-NG, SNORT, Cuckoo, etc.

Ability to construct and execute complex database queries using SQL (Structured Query Language), KQL (Kibana Query Language), or eDSL (Elasticsearch Domain Specific Language).

General knowledge of information technology terms, equipment, systems, functions, and major vendors - Information Technology work experience strongly preferred. (Server, endpoint, network, etc..)

Effective interpersonal skills and customer relationship skills.

Effective analytical, problem-solving and decision-making skills.

Project management skills; ability to prioritize and handle multiple tasks and projects concurrently.

Employees must be able to perform the essential functions of the position, with or without an accommodation.

About the company

MidAmerican Energy Company, a Midwest utility, provides regulated electric and natural gas service to more than 1.6 million customers in Illinois, Iowa, Nebraska and South Dakota. The company owns and operates a portfolio of power-generating assets, approximately 61% of which is wind generation.

Apply for this position