Threat Application Engineer, Tampa / Dallas (ref)

Company: ESR Healthcare
Location: Dallas
Closing Date: 19/10/2024
Salary: £100 - £125 Per Annum
Hours: Full Time
Type: Permanent
Job Requirements / Description

Job Title: Threat Application Engineer

Location: Tampa, Dallas (Local candidates from Tampa only)

Experience Level: Mid-senior (4 Years)

Education Level: Bachelor’s degree

Job Function: Information Technology

Industry: Financial Services

Pay Rate: $65 per hour

Position Type: Contract to Hire

Relocation Assistance: No

Candidates hired for this role will be required to start fully onsite, followed by a hybrid work option of 2 to 3 days in the office.

Due to a recent increase in misrepresentation during the interview process, candidates are required to include a headshot on the front page of their resume to be considered.

Position Summary

The Threat Management Associate will perform detection and analysis activities by monitoring security appliances such as SIEM, IDS/IPS, EDR, and other threat detection platforms. The Threat Management Associate will conduct in-depth analysis of cyber alerts to confirm whether a compromise has occurred and will lead or assist in the necessary response steps based on the Incident Response Plan, as well as perform additional tasks for the Cyber Blue Team.

Specific Responsibilities

  1. Provide technical leadership for a team of analysts who continuously perform monitoring and triage of alerts to determine actionable items while prioritizing incidents based on risk.
  2. Lead the continuous monitoring, identification, intake, triage, response, containment, remediation, and resolution of cyber incidents by identifying root causes.
  3. Analyze data from various sources to identify possible risk indicators, determine root causes, and identify preventative actions.
  4. Proactively conduct research.

Leadership Competencies

  1. Accountability: Demonstrates reliability by taking necessary actions to continuously meet required deadlines and goals.
  2. Global Collaboration: Applies a global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.
  3. Communication: Articulates information clearly and presents information effectively and confidently when working with others.
  4. Influencing: Convinces others by making a strong case and maintaining strong, trusting relationships while comfortable challenging ideas.
  5. Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity.

Qualifications

  1. Strong understanding of incident response processes, workflows, communications, reporting, escalations, and cross-department collaboration.
  2. Previous hands-on experience with modern security tools such as SIEM/SOAR, EDR/XDR, NGFW, UEBA, and DLP.
  3. Experience with Windows file system and registry functions or Linux/Unix operating systems and command line tools.
  4. Working knowledge of various security methodologies and processes, and of technical security solutions (e.g., firewalls, proxies, and intrusion detection systems).
  5. Working knowledge of analyzing cyber incidents and determining root causes.
  6. Extensive knowledge of network and server security products, technologies, and protocols.
  7. Knowledge of common security vulnerabilities including OWASP Top 10.
  8. Strong dynamic and static malware analysis skills.
  9. Skill and work experience in scripting (shell scripting, Python, PowerShell) are a great plus.
  10. Excellent written and verbal communication skills.
  11. Strong problem-solving skills, critical thinking, analytical ability, strong judgment, and the ability to deliver high performance and high levels of customer satisfaction in a matrix-managed environment.
  12. Strong technical writing, documentation, and communication skills necessary to create and present findings to C-level management.
  13. 3+ years of experience working within a SOC and/or handling incidents.
  14. Security certification(s) and/or official training, such as CompTIA Security+, CompTIA CySA+, GCIH, CSIH, ECSA, CHFI, ECIH, CEH, AWS SA, or similar, or a degree, are a plus.