Reinsurance Group of America is a Fortune 200 Company focused on life- and health-related solutions, seeking a Senior Threat Engineer to defend against cyber threats. The role involves creating and executing standards to manage risks, participating in security operations, and driving security innovation through automation and incident response.
Responsibilities:
- If required, participate in a 24/7 on-call rotation, alert triage, and investigation
- Support and drive one or more of the following functions: incident response, threat detection, offensive security
- Support and develop orchestrations and automations that reduce manual tasks
- Perform mid-level intrusion and/or defensive analysis
- Support security-related audit/compliance/risk-reduction efforts
- Support and manage offensive and/or defensive security tooling development, testing, and management
- Support the development and delivery of metrics/reports at a Team and/or Organizational level
- Support the delivery of projects that drive down the overall risk and/or impact of a cybersecurity incident
- Determine and deliver logging requirements to better detect and respond to security threats
- Perform other duties as assigned
Requirements:
- Bachelor's Degree in Arts/Sciences (BA/BS) or equivalent experience required
- 3+ Years of experience in one or more areas: incident response, security engineering, offensive security, threat emulation, penetration testing, or security operations required
- Experience identifying and addressing telemetry gaps in security monitoring required
- Experience contributing to purple team exercises, including supporting risk hunting, telemetry validation, and detection efficacy required
- Experience developing and supporting cybersecurity metrics and reporting to support security operations required
- Experience creating automation/workflows to scale security operations required
- Ability to handle complex incidents and evolve strategies based on new information required
- Data analytical skills with the ability to investigate network, host, cloud and identity platforms required
- Ability to work independently within a globally distributed environment required
- Strong written and verbal communications skills required
- Ability to quickly adapt to new methods, work under tight deadlines and stressful conditions required
- Mid-level investigative, analytical and problem-solving skills required
- Ability to set goals and handle multiple tasks, clients, and projects simultaneously required
- Ability to appropriately balance priorities, deadlines, and deliverables required
- Ability to work well within a team environment and participate in department/team projects required
- Technical Requirements: Windows, Mac, and Linux internals, Scripting (PowerShell/Python/JavaScript/TypeScript) required
- Cloud computing (AWS), M365 suite and ecosystem, Microsoft domain environments, IAM/AAA technologies and architectures (Active Directory, Okta, OpenID, SAML, OAuth, JWT), Physical and Virtual Networking technologies and architecture, SIEM (Splunk), EDR (CrowdStrike, Microsoft Defender), Email security, DNS required
- 4+ Years of relevant experience preferred
- Technical Requirements: Cloud Computing (GCP, Azure), Forensic tools (FTK, EnCase, X-Ways, SIFT), ServiceNow preferred
- Professional industry certification preferred