Security Content Specialist
Indexed description
What Will You Be Responsible For
- Assist on boarding of new content and detection rules. Keeping an eye on existing detection and limit duplicative content.
- Assist in prioritizing and managing bug tracking.
- Assist Security Content Engineers to test and tune threat detection use cases within the SIEM and EDR platforms.
- Monitor and maintain SIEM look up tables and various other tables from becoming stale and dated.
- Monitor established content for metrics, efficiency possible retirement.
- Validate and document testing through Confluence to advance content to production.
- Document and maintain assets, scripts and processes to test SIEM/EDR rules for reuse.
- Partner with Threat Intelligence to align detection strategy with threat model and MITRE ATT&CK framework.
- Partner with purple team, various security, risk, IT and business professionals to validate and document threat detection goals.
- Participate in alert creation in various security controls such as EDR, IDS, Cloud, email gateways, etc. Analyze, influence, and recommend.
- Document maintain a library of other IT groups processes, naming conventions and privileged accounts.
- Work through Jira tickets in an agile work environment and document processes in Confluence.
- An agile development life cycle.
- Thorough documentation and lifecycle.
- Experience testing, tuning and validating threat detection alerts/reports.
- Knowledge of adversarial tactics, techniques, and procedures - ability to create detective controls.
- Knowledge of cyber threat intelligence.
- Knowledge of IT architecture and operations (computing, network, storage & cloud).
- Knowledge of security control technologies.
- BS in Cyber Security, Information Technology, Computer Science or relevant experience
- +3 years in a cyber security skill role – SIEM/EDR Content Engineer, Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration testing, etc.
- Financial Services experience a plus.
- Software development and/or scripting experience a plus: PERL, Python, Powershell, etc.
- Technical security certifications a plus – GMON, GCDA, GCIH, etc.
We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.
As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.
Discover more information on jobs at StateStreet.com/careers
Read our CEO Statement
Job ID: R-793846
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search