
Information Security Engineer, Cyber Threat Intelligence
San Francisco, CA


Job Description

Information Security Engineer, Cyber Threat Intelligence

Location: San Francisco, CA - United States

Job ID: 19WD34243

Position Overview

The threat hunting engineer will be responsible for the daily operation of our threat hunting program. He or she will design, implement, and maintain our threat hunting platforms and tools. This role works on identifying and eliminating threats before they turn into attacks. The role will apply and detect the methodology and technical details of how attackers recon, gain access to, pivot, and remain hidden within our environment and proactively hunt for cyber threats already in or planning to compromise our network. This role is seen as a leading and effective voice within the threat management and incident response team and will build and operate systems or tools for behavior analysis trends and develop security analytic systems to track down, stop and/or prevent malicious activities.

Responsibilities

* Run threat hunting expeditions and proactively guide threat hunts and report on detected or expected suspicious and malicious IOCs
* Establish, develop, and implement a threat hunting capability within the cyber threat and response organization
* Proactively and iteratively detect, isolate, and neutralize advanced threats that evade automated security solutions
* Utilize internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
* Work with our incident response and threat management team to improve our defensible architecture and apply use cases for detection
* Leverage, operationalize, and benefit from frameworks like the Cyber Kill Chain, MITRE ATT&CK, and the Diamond Model as well as other frameworks like OpenIOC and STIX
* Identify compromised internal systems and assets through an understanding of malware analysis, cyber deception, and active defense principles and guidelines
* Provide threat analysis and proactive incident response support to identify C&C, backdoors, beaconing, and advanced malware capabilities
* Review trending and correlation of various logs (endpoints/network/cloud) and data points for possible attribution
* Manage and perform countermeasures to increase resiliency and build defense-in-depth strategies
* Conduct high-level host-based and network-based forensics, intrusion detection, and incident response activities
* Track cyber criminals and discover methods of initial compromise, lateral movement, pivoting, persistence, privilege escalation, and defense evasion
* Run and participate in our breach and attack simulation program and run blue/red/purple team engagements with our offensive security team
* Provide threat indicators and signatures and work with various teams to contain, eradicate, or remediate the threats
* Organize and analyze the collected data to determine trends in the security environment of the organization and make predictions for expected future targeting
* Strive to stay ahead of the latest threats and implement rapid response to mitigate potential damage resulting from cyber attacks

Minimum Qualifications

* Previous work experience performing advanced host and network forensics analysis and malware hunting and detection
* Advanced knowledge of Windows, Linux, and macOS operating system internals, architecture, features, protections, and design
* Stay up to date on current and emerging threats, vulnerabilities, and attack vectors, tracking APT and sophisticated intrusion campaigns
* Critical thinking, problem solving, and relationship-building skills as well as written and oral communication skills; highly motivated with a passion for security
* 3-6 years of experience working in a role in these fields (threat hunting, intelligence, incident response, cyber investigations, network security, security assessments)
* Demonstrated knowledge of threat hunting, malware analysis, and incident response tools, scripts, applications, useful logs, and use cases
* Ability to gather information on the behavior, goals, and methods of the adversaries and carefully analyze the outcomes of their research
* Comfortable writing scripts or understanding scripting languages - Python, PowerShell, or similar
* Education: BA/BS in computer science, information security, or a related field or equivalent experience
* Certifications (any security certification like the following is highly preferred): CISSP, CISA, GIAC, or CEH

#ADSKSecurityCareers

About Autodesk

With Autodesk software, you have the power to Make Anything. The future of making is here, bringing with it radical changes in the way things are designed, made, and used. It's disrupting every industry: architecture, engineering, and construction; manufacturing; and media and entertainment. With the right knowledge and tools, this disruption is your opportunity. Our software is used by everyone - from design professionals, engineers and architects to digital artists, students and hobbyists. We constantly explore new ways to integrate all dimensions of diversity across our employees, customers, partners, and communities. Our ultimate goal is to expand opportunities for anyone to imagine, design, and make a better world.
