The Resident Threat Engineer (RTE) will provide expert support, analysis and research into complex problems and processes relating to deployed Palo Alto Networks equipment. The RTE will function as the Subject Matter Expert (SME) for Palo Alto Networks products and will interact directly with the customer's personnel. The RTE will serve as the technical expert on executive-level project teams within the customer's organization, providing technical direction, interpretation, and alternatives. The RTE contributes to the development of new principles and concepts, works on unusually complex technical problems and provides solutions which are highly innovative and ingenious. This is a highly technical, hands-on role, and the RTE will be required to develop and maintain expertise in the products and solutions deployed within the customer's network.
- Analyze logs and events from the solution and provide threat analysis reports
- Produce written intelligence around IOC data to integrate into cyber range solutions using any of the following specifications/technologies: STIX/TAXII, JSON or specifications as necessary
- Interact with Palo Alto Networks Unit 42 to analyze cybersecurity events
- Create Red Team package solutions using threat intelligence (Unit 42) for use in cyber game events and document Blue Team resolution/best practices against the threat
- Ensure client needs are met and deliverables produced on time according to the specified scope
- Ability to document and template necessary documentation packages for customers as defined
- Ability to work on a team or lead a team depending upon the specified project
- Ability to provide complex solutions in customer environments and execute/document said solutions by self or as a team leader
- Other tasks and duties as needed to support the customer and/or business
- Excellent written and verbal communication skills.
- Minimum 5 years’ experience with IDS/IPS solutions and technologies
- Minimum 3 years’ experience managing security solutions in large environments
- Minimum 3 years’ experience as a cybersecurity incident response engineer
- Extensive knowledge of different security threats
- Extensive scripting experience (Python desired)
- Extensive knowledge of network and protocol troubleshooting and analysis
- Strong understanding of Internet protocols and applications
- Experience integrating IOC intelligence into cybersecurity operational environments
- Ability to effectively juggle and manage many different tasks simultaneously
- Ability to obtain a US Government Security Clearance
- BS in Computer Science, MIS, business, or equivalent education/training/experience
- GIAC, CEH, OSCP or CISSP certifications a plus.
- Experience with SaltStack or similar orchestration framework