11 Sep
Cyber Defense Specialist, Principal
El Dorado Hills, California 95762, USA

Vacancy expired!

Blue Shield of California's mission is to ensure all Californians have access to high-quality health care at a sustainably affordable price. We are transforming health care in a way that truly serves our nonprofit mission by lowering costs, improving quality, and enhancing the member and physician experience.

To fulfill our mission, we must ensure a diverse, equitable, and inclusive environment where all employees can be their authentic selves and fully contribute to meet the needs of the multifaceted communities we serve. Our comprehensive approach to DE&I combines a focus on our people processes and systems with a deep commitment to promoting social justice and health equity through our products, business practices, and presence as a corporate citizen.

Blue Shield has received awards and recognition for being a certified Great Place to Work, a best place to work for LGBTQ equality, a leading disability employer, one of the best companies for women to advance, one of the Bay Area's top companies in volunteering and giving, and one of the world's most ethical companies. Here at Blue Shield of California, we are striving to make a positive change across our industry and the communities we live in. Join us!

Your Role
The Information Security team is looking for a certified security professional to join our fast-paced, highly collaborative, and diverse team. Our mission is to provide operationally excellent, next-generation security event monitoring, threat hunting, and incident response services that protect Blue Shield from adverse cyber events. The Information Security Cyber Defense Specialist, Principal will report to the Senior Manager of Information Security Operations and provide principal-level leadership for the team. In this role you will gain advanced knowledge of security products and put standard coding and scripting skills, such as Python, PowerShell, and other scripting languages, into practice.
In this position, you will have a lead role in the digital transformation of our Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Your Work
In this role, you will:

  • Design, manage, and improve playbooks for Security Orchestration, Automation, and Response (SOAR)
  • Design, correlate, and interpret logs for expert-level threat hunting in a security information and event management (SIEM) environment; perform technical search correlations and engineer methods to identify and respond to indicators of compromise (IOCs) and threats, including User and Entity Behavior Analytics (UEBA)
  • Collaborate with members of the intel community to characterize adversarial nation-state behavior and zero-day vulnerability exploits
  • Design and maintain security event and incident metrics and key performance indicator (KPI) reporting
  • Respond to and facilitate expert-level tier-3 incident management; mobilize the security incident response team (SIRT) of key stakeholders; communicate and notify at all levels of the organization; perform post-incident lessons-learned assessments and identify owners of corrective action plans (CAPs)
  • Develop and refine tactics, techniques, and procedures for incident response containment
  • Demonstrate security operation excellence and provide event monitoring support to the Security Operation Center (SOC) analysts
  • Perform expert-level endpoint detection and response (EDR) across security technologies; identify and foster next-generation capabilities and fine-tune detections to reduce false positives
  • Provide advisory network intrusion monitoring and response
Your Knowledge and Experience
  • A degree in Computer Science or Security Engineering or related field with a minimum of 6-9 years dedicated to IT, information security, and/or security infrastructure experience OR a combination of equivalent work experience and education.
  • Certification(s) demonstrating a core competency in the area of Information Security Incident Handling and threat hunting
  • Security Incident Handling & Response
  • SIEM Management within the Splunk Environment
  • Data analytics
  • Intrusion detection and network tools: Wireshark, Nmap
  • Web proxies
  • Cloud access security broker (CASB)
  • VMware and virtualization platforms
  • Database activity monitoring
  • Application security
  • Anti-virus and malware detection
  • Social engineering and phishing detection
  • Identity & Access Management
  • Host-based forensics
  • Effective verbal and non-verbal communication skills at all levels of the organization
  • Leadership, teamwork, and collaboration
  • Trustworthiness and discretion
  • Problem solving
  • Critical Thinking
  • Ability to cope with stress
Our Values
  • Honest. We hold ourselves to the highest ethical and integrity standards. We build trust by doing what we say we're going to do and by acknowledging and correcting where we fall short.
  • Human. We strive to be our authentic selves, listening and communicating effectively, and showing empathy towards others by walking in their shoes.
  • Courageous. We stand up for what we believe in and are committed to the hard work necessary to achieve our ambitious goals.