Senior Threat Engineer

Reinsurance Group of America is a purpose-driven organization focused on life- and health-related solutions. They are seeking a Senior Threat Engineer to create and execute standards and procedures to manage and mitigate cyber threats, while participating in global Security Operations and supporting incident response and threat detection.

Responsibilities:

• If required, participate in a 24/7 on-call rotation, alert triage, investigation
• Support and drive one or more of the following functions: incident response, threat detection, offensive security
• Support and develop orchestrations and automations that reduce manual tasks
• Perform mid-level instrusion and/or defensive analysis
• Support security -related audit/compliance/risk-reduction efforts
• Support and manage offensive and/or defensive security tooling development, testing, and management
• Support the development and delivery of metrics/reports at a Team and/or Organizational level
• Support the delivery of projects that drive down the overall risk and/or impact of a cybersecurity incident
• Determine and deliver logging requirements to better detect and respond to security threats
• Performs other duties as assigned

Requirements:

• Bachelor's Degree in Arts/Sciences (BA/BS) or equivalent experience required
• 3+ Years of experience in one or more areas; incident response, security engineering, offensive security, threat emulation, penetration testing, or security operations required
• Experience identifying and addressing telemetry gaps in security monitoring required
• Experience contributing to purple team exercises, including supporting risk hunting, telemetry validation, and detection efficacy required
• Experience developing and supporting cybersecurity metrics and reporting to support security operations required
• Experience creating automation/workflows to scale security operations required
• Ability to handle complex incidents and evolve strategies based on new information required
• Data analytical skills with the ability to investigate network, host, cloud and identity platforms required
• Ability to work independently within a globally distributed environment required
• Strong written and verbal communications skills required
• Ability to quickly adapt to new methods, work under tight deadlines and stressful conditions required
• Mid level investigative, analytical and problem solving skills required
• Ability to set goals and handle multiple tasks, clients, and projects simultaneously required
• Ability to appropriately balance priorities, deadlines, and deliverables required
• Ability to work well within a team environment and participate in department/team projects required
• Technical Requirements: Windows, Mac, and Linux internals, Scripting (Powershell/Python/Javascript/Typescript) required
• Cloud computing (AWS), M365 suite and ecosystem, Microsoft domain environments, IAM/AAA technologies and architectures (Active Directory, Okta, OpenID, SAML, Oauth, JWT), Physical and Virtual Networking technologies and architecture, SIEM (Splunk), EDR (CrowdStrike, Microsoft Defender), Email security, DNS required
• 4+ Years of relevant experience preferred
• Technical Requirements: Cloud Computing (GCP, Azure), Forensic tools (FTK, Encase, X-Ways, SIFT), Service Now preferred
• Professional industry certification preferred