Security Content Architect

at  SilverSky

Thanks for the click. We know your time is valuable so we will get right to it.
We’ve amassed some of the best and brightest minds in cyber security who are passionate about protecting the digital world. Our team blends advanced technology alongside deep expertise to tackle the toughest cyber threats out there. Put simply, our mission is to stay ahead of the curve and create a safer digital landscape for our partners, and we believe adding a Security Content Architect will up our cyber game.
This role serves as a senior level professional who is responsible for developing and driving the Content Engineering for multi-tenant SIEM and SOAR solutions. This professional is an experienced individual in detection and automation logic that provides meaningful output for a Security Operations Center to action on. This professional serves as a senior to Security Content Engineers, coaching, developing, and serving as the first layer of escalation for concerns or issues.

WHAT YOU’LL BE DOING:

• Identifying and planning of opportunities for detection and automation opportunities.
• Designing and socializing end-to-end workflows for detection and automation activities.
• Implementing and optimizing of new and existing detection and automation activities.
• Reviewing and coaching activities of other team members for uniform outputs and workflows.
• Developing and preparing quantifiable standards and measurements of success for areas of responsibility.
• Troubleshooting break-fixes or issue-based requests from stakeholders.
• Supporting a multi-tenant, multi-customer environment and business requirements as needed, including gathering requirements.

WHAT DOES IT TAKE TO SUCCEED IN THIS ROLE?

• SOAR implementation of Playbooks and Scheduled activity (or comparable).
• Threat hunting development and configuration.
• SIEM Rule creation, tuning, and decommissioning.
• Excellent understanding of detection & response and forensic capabilities.
• Excellent verbal and written communication with internal and external stakeholders of varying technological expertise.
• Experience leading projects using industry standard frameworks (Scrum, Agile, etc.).
• Experience with architecture or engineering of at least two security platforms outside of SIEM and SOAR (NGFWs, WAF, CASB, Email Security, Proxy, etc.).
• Leadership and mentoring as the point of escalation and subject matter expert in SIEM and SOAR solutions.
• 5-7 years of experience in threat modelling or design.
• 3-5 years in automation of security operations activities, Including SOAR and scripting.
• Experience In a multi-tenant multi-customer environment.
• Experience In Identifying automation opportunities and Implementing workflows around automation.
• Expertise In identifying automation opportunities and Implementing In a global environment.
• Experience serving as a senior or escalation point for other team members.
  In addition to the technical expertise, we expect respect, opinions, and thoughtful input.
  If this sounds interesting and you are passionate about redefining how the world thinks about cyber security, we want to hear from you. Apply now if you are interested in learning more about how we can change the rules of engagement, together.