Security, SOC, Cyber Threat Intelligence, Cyber threat defence, cyber threat management, threat monitoring, Malware
Bachelor (EQF 6)
Our Vigilance team is an elite force of cyber security experts providing a Managed Detection and Response (MDR) service to our largest customers. We drive a world-class program of threat monitoring, hunting, and response services. We play a crucial role in keeping our top-tier customers protected, providing an additional level of security and confidence by leveraging SentinelOne’s unique intelligence and research resources. Our Vigilance service is a key contributor in shaping the SentinelOne roadmap, working hand in hand with the Product Managers and various R&D teams.
What will you do?
- Collaborate with our global team to proactively monitor and review threats and suspicious events for a variety of customers, from SMBs to the largest Fortune 10 enterprises.
- The days will vary greatly but will predominantly include alert investigation, triage and deep-dive analysis, followed by developing remediation plans.
- Collect threat data from various sources to provide an analysis and respond to the customer within a short time window.
- Hunt and search for known and unknown attacker actions in a customer environment using SentinelOne’s unique threat hunting suite and other available tools.
- Support various customer security teams to investigate and contain threats or resolve security issues.
- Build close relationships with the SentinelOne Research and Development teams to improve detection abilities and research new attack trends.
- Provide professional input to design and develop tools for our internal use.
- Some shift work will be required to support the 'follow-the-sun' model for customer hand-off and support.
What experience or knowledge are we looking for?
- We are looking for a team player, ready to work with the best security researchers out there, not afraid to dive into complex and challenging security incidents, and able to provide best-in-class MDR services.
- 4 years' experience in Technical Support or SOC operations in a cyber security company.
- Strong network and security knowledge or a relevant certification is desired.
- Significant experience with threat research in the Windows environment.
- Hands-on experience in dynamic malware analysis.
- Experience with data ingestion technologies (e.g. Splunk).
- Experience with SQL and/or NoSQL queries.
- A customer-oriented individual and problem solver.
- Experience with host-based (endpoint agent) or sandbox (network-based) security solutions is preferred.
- Multi-OS support experience: Windows, Mac & Linux (mobile platforms - an advantage).
- Incident Response experience would be ideal.
- Professional and articulate with excellent written communication skills.
- Ability to multitask and prioritise.
- Team player, willing to learn as well as teach in a team environment.