Detection Architect - Vegas

Why it's worth it:

Detection Architects are members of the Detection Operations Team and are accountable for overall strategy and prioritization of mitigation, detection, and response capabilities within customer environments. A successful Detection Architect will be able to design and execute on the optimal security roadmap for diverse enterprises that span multiple industries, each face unique threats, and each with unique budget restrictions.

The everyday hustle:

• Strategize and prioritize the collection of enterprise technology logs for detection capabilities in technologies including Splunk, QRadar, LogRhythm, Carbon Black, and CrowdStrike
• Prioritize and roadmap out detection capabilities that align with unique enterprise goals including security frameworks including MITRE ATT&CK, the Cyber Kill Chain, and NIST
• Assist in the implementation and maintenance of detection capabilities
• Document and communicate mitigation, detection, and response capabilities clearly and effectively leveraging multiple industry frameworks including MITRE ATT&CK, the Cyber Kill Chain, NIST, and more
• Research and innovate net new mitigation, detection, and response capabilities given input from industry trends, customer feedback, and personal research

Do you have what it takes?

• Bachelor's degree in a related field or equivalent demonstrated experience and knowledge
• Understanding of a log aggregation or correlation technology such as Splunk, QRadar, LogRhythm, Carbon Black, or CrowdStrike.
• Advanced understanding of cyber security and IT disciplines including networking, operating systems, authentication protocols, general enterprise network architecture, and security incident response.
• Advanced understanding of common enterprise technology purposes and logging capabilities including firewalls, Active Directory, antivirus/EDR, IDS/IPS, proxies, and cloud platforms
• Advanced understanding of security detection frameworks such as MITRE ATT&CK, Cyber Kill Chain, and NIST
• Positive and Influential Attitude, Energy, and Effort
• Adaptability, Accountability, Helpfulness, and Focus
• Ability to communicate east-west across multiple diverse teams in both focus, skillset, and geo-location

What makes you uncommon?

• Regular expression, scripting, and programming experience are not required, but highly desirable
• Certifications such as GDAT, GCED, CISSP