|Company|Principal Financial Group|
|Location|Des Moines, Iowa or Remote|
|Preferred GIAC Certifications|GMON, GCDA, GCED, GCIH|
|Contact Name|George Thompson|
Come join a team that is highly motivated, self-driven, and passionate about cyber defense! You will have the opportunity to help us build and mature our cyber defense engineering service across the globe and in the cloud. The position will help develop and drive our cyber defense service and strategy including research, architecture, and project management. This position will work side-by-side with a team of other highly talented security analysts and engineers, defending against a variety of threats and potential cyber security related incidents.
Duties will include:
Experience with cloud technologies including security monitoring for SaaS/PaaS/IaaS environments.
Assist with the development, testing and implementation of new cyber-security processes and procedures while ensuring existing processes and procedures are kept accurate and up to date with rapidly changing methodologies and technologies.
Work with cyber defense investigators and other IT security functions to determine requirements and opportunities for threat detection and policy / prevention recommendations
Help drive strategy and prioritization of our threat detection and response service.
Develop metrics across the Cyber Defense Operations organization
Manage projects and initiatives to broaden security across the enterprise
Associate's or bachelor’s degree with a preference in a science, technology, engineering, or math related field or equivalent work experience (6 years of experience equates to an Associate’s degree when defining “equivalent work experience”)
6+ years of IT related experience
4+ years of experience working in a cyber defense, threat intelligence or similar role within information security.
Experience in project management and leading new initiatives.
Experience with analyzing and interpreting data from multiple sources, documenting the results and providing meaningful analysis reports and briefings
Familiarity working with SIEMs, intrusion detection and prevention systems, and other security monitoring tools.
Experience with incident response or threat detection in cloud environments
Experience with scripting languages (Python, PowerShell, .NET, Bash, etc.)
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations, etc.
Proven experience performing analysis of security events and incidents to determine root cause and provide resolution; working experience against advanced persistent threats is viewed favorably.
Additional preferred technical experience:
Familiar with intelligence enrichment sources and integration processes
Experience with common network defense languages/tools (YARA, Snort, Bro, etc.)
Ability to communicate/interact with various audiences, including senior executives
Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security