Senior Cyber Threat Defense Engineer

Company: Chemours
Location: Montpelier
Closing Date: 18/10/2024
Salary: £100 - £125 Per Annum
Hours: Full Time
Type: Permanent
Job Requirements / Description

As we create a colorful, capable and cleaner world through chemistry, we invite you to join our team to harness the power of chemistry to shape markets, redefine industries and improve lives for billions of people around the world.

HELP SHAPE THE FUTURE OF CHEMISTRY AND THE WORLD

From the frontline to the back office, every Chemours employee is part of something bigger than themselves as together we work to create a better world through the power of our chemistry.

Chemours is seeking a Senior Cyber Threat Defense Engineer to join our growing Cyber Fusion Center team! This position will report directly to the Head of Cyber Threat Defense & Prevention in our Wilmington, DE or Remote location.

The Senior Cyber Threat Defense Engineer will serve as a technical specialist for the Cyber Threat Defense function within the Cyber Fusion Center, helping to facilitate the transformation of our current Security Operations Center (SOC) and the Chemours Incident Response Team (CIRT). The successful candidate will have significant expertise and experience in operating and optimizing technical security controls and incident/event monitoring technologies for both the Enterprise and Operational environments, as well as threat intelligence and threat management expertise. They must also have strong skills in managing and handling complex incidents and in coordinating large numbers of participants through all phases of the NIST computer security incident handling process.

The responsibilities of the position include, but are not limited to, the following:

  1. Lead threat intelligence gathering and management activities and continuous red team programs.
  2. Assist the 24x7 SOC function by leading the technical threat support leveraged by the SOC team and by organizing and negotiating the allocation of company and managed service resources in a matrix structure, across time zones and national boundaries.
  3. Collect information on emerging TTPs and threats to the organization through communication with partner institutions and other intelligence sources, open-source intelligence, industry partnerships, etc.
  4. Continuously improve the cyber defense posture of the organization by creating, measuring and updating threat models and threat landscape reports, creating intelligence briefings, threat data automation, and threat coordination with the vulnerability management lifecycle.
  5. Lead contribution efforts for planning, design, implementation, and updating or tuning of use cases in SIEM, Threat Intelligence Platforms, and other cyber tools.
  6. Act as the subject matter expert replicating TTPs to support Red Team functions and other areas of the Cyber Fusion Center.
  7. Define and manage KRI and KPI metrics to track and drive continuous improvement, including providing regular updates and reports to leadership.
  8. Work with multiple vendors to build strong business partnerships by managing expectations.
  9. Lead and assist with information or cyber security projects.
  10. Create technical and high-level incident reports and threat briefs for a varied range of stakeholders.
  11. Have a strong knowledge of Operational Technologies (OT) and experience navigating complex technological environments.

The following is required for this role:

  1. 3-5 years of experience in an IT role, with at least 3 in any of the following disciplines: Penetration Testing / Adversary Emulation, Operational Technology (OT) Security.
  2. Experience in Microsoft O365 and Defender products, Data Loss Prevention (DLP), threat intelligence gathering and threat hunting, operating system hardening, as well as experience with enterprise risk management and vendor relationship management.
  3. Working experience detecting and analyzing incidents, and coordinating activities with other stakeholders for incident triage, threat eradication, and incident recovery.
  4. Contribute to the integration of malware analysis, forensic investigation, and threat research into incident response and vulnerability management lifecycles.
  5. Understanding of basic pen testing and red-teaming concepts with working experience performing red team operations in an enterprise environment.
  6. Working experience with Operational Technology (OT) incident detection and response.
  7. Design and implementation of advanced threat detection and response systems.
  8. Develop and maintain cyber policies, procedures, and practices.
  9. Provide guidance and training to junior security staff and other employees.

The following is preferred for this role:

  1. Certifications: Security+, CEH or equivalent.
  2. Strong understanding of the MITRE ATT&CK and Pre-ATT&CK Frameworks.
  3. Comfortable with SIEM Tools and various query languages: Sentinel (KQL), Lucene and other Linux languages, etc.
  4. Ability to operationalize various forms of threat intelligence (to support various areas of the Cyber Fusion Center).
  5. Conduct technical analysis against impacted systems to determine impact, scope, and recovery from active and potential cyber incidents and make recommendations on how to mitigate and improve the organizational security posture.

Competitive Compensation

At Chemours, you will find sustainability in our vision, our business and your future. If you want to work on the leading edge of your field and have a desire to make a difference, join Chemours and discover what it means when we say "We Are Living Chemistry."

Chemours is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, religion, color, gender, disability, national or ethnic origin, ancestry, marital status, family status, sexual orientation, gender identity or expression, or veteran status. Jurisdictions may have additional grounds for non-discrimination, and we comply with all applicable laws.

Chemours is an E-Verify employer.

Candidates must be able to perform all duties listed with or without accommodation.

Immigration sponsorship (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status) is not currently available for this position.
