Senior Security Engineer - Threat Hunt Lead
Job Description
Sleep Number team members are part of a passionate, purpose-driven culture that supports improving the health and wellbeing of society through higher quality sleep. We are not just focused on our customers, however; being employed by Sleep Number means your personal wellbeing is important, too. As we continue to grow, we are looking for team members who will bring their unique personalities, backgrounds, and skills to work. Whether you are entering, returning, or experienced in the workforce, we have a place for you.
In our 35+ years in the industry we have improved over 14 million lives, and we are just getting started. With 5,000+ team members nationwide supporting work disciplines from technology to manufacturing, retail stores to field services technicians, corporate teams to customer service, we are a sleep innovation leader because of our team members. Now is a great time to join us as we invest further in our people and sleep innovation. #TeamSleepNumber
Position Purpose
The Senior Security Engineer - Threat Hunt Lead is responsible for performing proactive detection of advanced threat actors within our network and systems. This senior engineer/threat hunt lead will develop strategies and plans under the direction of Information Security and IT Leadership to identify evidence of actual and potential threat actor activity, and will work with engineering and security teams to improve our detection capabilities and security controls.
As a Senior Security Engineer / Threat Hunter, you will be responsible for continuously growing your own technical skill set, closely following threat bulletins and quickly analyzing their potential impact on Sleep Number systems, and providing technical leadership within the Security Operations & Incident Response team. You will lead Hunt Operations, propose and drive tactical initiatives, and have an active voice in defining the strategic direction of the team. You will represent the Cyber Hunt Team in cross-functional initiatives, and mentor and grow junior analysts when needed.
Primary Responsibilities
- Conduct threat hunting operations in Sleep Number's most complex, critical, and high-risk environments.
- Analyze log data to detect active threats within the network using knowledge of the current threat landscape, threat actor techniques, and the internal network.
- Plan and scope Hunt activities based on Threat Intel reporting, knowledge of Sleep Number's network, and Hunt team capabilities.
- Lead the establishment of a red/blue/purple team capability. Recommend a long-term operations model (people, process, and technology).
- Perform advanced threat research to proactively identify potential threat vectors and work with security engineering, IT, and other technology teams to improve prevention and detection methods.
- Based on research, provide recommendations for technical control improvements and prioritization to Information Security Leadership.
- Conduct application, API, and network penetration testing (internal or through partners) aimed at various systems and networks based on leadership-directed prioritization.
- Analyze malicious code, packet capture files, and artifacts.
- Identify gaps in logging capabilities and develop and propose strategies to fill gaps.
- Identify and propose automated alerts for new and previously unknown threats.
- Provide technical leadership through the complete lifecycle of a hunt operation when warranted.
- Utilize a wide range of tools and techniques to automate repetitive hunt processes.
- When warranted, craft and distribute proactive threat bulletins to key constituents.
- Enter risks and threats into the GRC platform when warranted.
- Advise other information security leadership personnel on insights and recommend investments.
- Maintain quality documentation for meaningful consumption by others.
Position Requirements
- At least 7 years of experience with incident response, security operations, malware analysis, or threat hunting
- At least 4 years of experience with various languages (e.g., JavaScript, HTML/CSS, SQL, Python, Java, Bash, PowerShell)
- At least 4 years of experience with common threat intelligence models and application to threat hunting
- At least 2 years of experience leading small teams of technical associates. While this role is an individual contributor role, it will be important for this person to mentor and teach others.
- 4+ years of experience in a security engineering or threat detection role, or developing custom detections in a variety of security appliances
- 4+ years of experience with application of data science concepts and techniques to enable advanced threat detection
- CISSP Certification (exceeding years of confirmed experience can circumvent this requirement)
- Non-CISSP-certified candidates would be expected to pursue CISSP certification as part of developmental expectations within one year of start date
- Background in various information security domains with an emphasis on Network, Cloud and Application Security
- Experience with penetration testing practices, tools, and interpreting (and challenging) pen test reports. Can convey results to non-technical audiences in a way that they can absorb.
- Proven background with cloud platforms such as AWS, Azure or Google, specifically the cybersecurity risks associated with such platforms
- Strong knowledge of VDI, containers and API security
- Strong knowledge of SIEM solutions such as Splunk.
- Working knowledge of interacting with GRC platforms such as ZenGRC or equivalent
- Strong understanding of logging/monitoring, including advising across various teams using different toolsets
- Strong understanding of Information Security industry standards/best practices (e.g., NIST, ISO 27001, HITRUST) and various regulatory bodies and related security requirements (PCI-DSS, HIPAA, CCPA, SOX, GDPR) including a working knowledge of key privacy concerns
- Strong oral and written communication skills required, including a natural ability to tailor communication to various audiences
- Must be a creative problem solver, flexible, proactive, and work in a fast paced, ever-changing environment
- Strong collaboration, negotiation, problem solving and relationship-building skills.
Wellbeing
Our company's purpose is to improve the health and wellbeing of society.
Wellbeing is more than a catchphrase - it's a movement that permeates our company and through our team members. We are dedicated to enhancing and supporting the wellbeing of our team members and their families through benefits, programs, and resources across our five wellbeing pillars of emotional, financial, career, community, and physical health, with sleep at the center.
By joining our team, in addition to offering competitive pay programs, we are proud to offer eligible team members an extensive benefits package including, but not limited to medical and pharmacy benefits, dental, life and disability insurance, a matched 401(k) Plan, paid time off, and much more.
Examples of how we invest in your wellbeing:
- Sleep - Our 360® smart bed for team members, and discounts on our innovations and sleep solutions for yourself and friends and family throughout the year.
- Physical - Wide range of wellbeing resources and services through our medical plans to improve your physical health.
- Emotional - Access to mental health resources, caregiving support, paid time off and parental leave to support your emotional wellbeing. Work for your day flexibility, available for select corporate roles.
- Financial - Competitive base and variable pay programs, ability to save for the future through a matched 401(k) plan and financial support to recover from an illness or injury.
- Community - Paid time off for volunteering and connections to our communities through our Diversity, Equity & Inclusion initiatives, and support for charitable causes.
- Career - Opportunities for career development and continuous learning, including a tuition reimbursement program.
Safety
Safety is a top priority for Sleep Number, supporting customers' and team members' wellbeing. COVID-19 precautions are in place consistent with CDC guidelines, U.S. Department of Labor's Occupational Health & Safety Administration (OSHA), and state/local laws.
EEO Statement
Sleep Number is an equal opportunity employer. We are committed to recruiting, hiring and promoting qualified people and prohibit discrimination based on race, color, marital status, religion, sex (including gender, gender identity, gender expression, transgender status, pregnancy, childbirth, and medical conditions related to pregnancy or childbirth), sexual orientation, age, national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed servicemember status or any other status protected by federal, state, or local law.
Americans with Disabilities Act (ADA)
It is Sleep Number's policy to provide reasonable accommodations to qualified individuals with disabilities during the application process, consistent with applicable law. We may require supporting medical or religious documentation where applicable and permissible by law. If you are a qualified individual, you may request a reasonable accommodation at any time during the selection process, including if you are unable or otherwise limited in your ability to access open roles here.
Date Posted
02/11/2023