Delta Dental Ins.Remote
Expert (Staff) Cyber Risk Management Engineer
United States of America
Full Time
4 hours ago
$142,000 - $308,000 USD
No H1B
Key skills
Cyber Risk ManagementIncident ResponseThreat HuntingSecurity ArchitectureOperating SystemsCloud EnvironmentsForensic ToolsScripting SkillsPythonBashPowerShellAIAWSAzureGCPSplunkRisk ManagementCommunicationCollaboration
About this role
Delta Dental Ins. is dedicated to safeguarding health and financial stability, and they are seeking an Expert (Staff) Cyber Risk Management Engineer to evolve their intelligence-driven detection pipeline and incident response program. This role involves handling complex security incidents, building detection frameworks, and driving the overall security strategy within the Cyber Risk Management team.
Responsibilities:
- Act as the Incident Commander for critical security events as part of our on-call rotation
- Foster a culture of learning through blameless post-mortems to drive measurable improvements in both processes and tooling
- Analyze security alerts and data from various sources (SIEM, EDR, IDS/IPS, logs) to identify and investigate sophisticated threats
- Lead tabletop exercises and IR simulations to a variety of audiences in order to test and refine incident response plans, identify weaknesses, and enhance communication and collaboration
- Proactively identify potential threats and weaknesses across systems and networks through hypothesis driven threat hunting
- Identify gaps in detection coverage and proactively develop new telemetry, detections, and analytic approaches to address emerging threats across endpoint, identity, cloud, and network domains
- Fuse internal telemetry with open source, commercial, and internal intelligence sources to prioritize risks and improve detection strategies
- Track adversary TTPs and feed findings back into our hunting and detection pipelines
- Leverage automation, enrichment, and playbook-driven workflows to reduce manual triage, improve signal quality, and scale detection and response capabilities
- Work closely with engineering, IT, and risk/compliance teams to improve detection coverage and incident preparedness
- Lead exploration and responsible adoption of AI to improve detection, response, and analyst workflows, while deeply analyzing how adversarial use of AI evolves tradecraft, reshapes attack surfaces, and impacts enterprise risk
- Translate technical findings into clear, actionable insights for stakeholders, contributing to executive-facing metrics and narratives around detection efficacy and risk reduction
- Anticipate and prepare for evolving threats and technology shifts by proactively adapting tooling and detection strategies
Requirements:
- 7+ years of relevant professional experience with a Bachelor's degree in Computer Science, Information Security or a related field; an equivalent combination of education and experience will also be considered
- 7+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments
- Deep understanding of operating systems (Windows, Linux, macOS), network protocols, cloud environments (AWS, GCP, Azure), and common attack techniques (MITRE ATT&CK)
- Proficiency with investigation and forensic tools such as EDR platforms (CrowdStrike, SentinelOne), log aggregators (Splunk, ELK), and packet capture tools (Wireshark, Zeek)
- Demonstrated ability to lead high-pressure incident response scenarios across technical and non-technical teams
- Scripting skills in Python, PowerShell, or Bash for automation and analysis or experience with SOAR platforms is highly preferred