Trustwave Government Solutions is a leading provider of data security and compliance services to the U.S. Federal government. Our team of security experts, ethical hackers and researchers, enables our government partners to transform the way they manage their information security and compliance programs results to ensure each customer receives valuable outcomes at the best value. The agencies we work with benefit from our collaborative, innovative approach to meeting their unique needs. We listen carefully and respond nimbly. Our solutions combine industry best practices with customized technology to ensure quality and integrity.
A Cyber Threat Engineer is a member of the Global Threat Operations (GTO) team within Trustwave Managed Security Services (MSS). In addition to possessing technical knowledge, a Threat Engineer interacts extensively with customers and partners using polite professional etiquette, and serves as a technical point of escalation within GTO.
Want more jobs like this?
Get Software Engineering jobs in Greenwood Village, CO delivered to your inbox every week.
Cyber Threat Engineers perform the following duties:
- Use strong TCP/IP networking skills to perform network analysis and understand detected threats.
- Analyze escalated, complex cases involving a pattern of security events from firewalls, IDS, IPS, SIEM, Web Application Firewall (WAF), and other security data sources.
- Resolve intractable technical problems within managed security solutions as part of a sustained improvement project.
- Create, improve, and document processes for the management and monitoring of security solutions.
- Tune devices for blocking and reporting based on customer business need.
- Configure, manage, and upgrade Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), and Security Information and Event Monitoring (SIEM) platforms.
- Baseline threat detection devices for unique customer environments.
- Test and improve signature-based and other detection methods.
- Take responsibility for customer satisfaction and overall success of managed services.
- Respond to needs and questions of customers in a polite, positive, and professional manner concerning their managed services, managed devices and detected threats.
- Adhere to policies, procedures, and security best practices.
- Resolve problems independently and understand the correct escalation procedures.
- Perform rotating on-call duties (nights/weekend rotations).
- Act as a mentor and escalation point for analysts within the Global Threat Operations team.
Skills & Knowledge Requirements:
Must have intermediate skills/knowledge in some of the following:
- Security Information and Event Management (SIEM) management
- Web Application Firewall (WAF) management
- Unix / Linux and Windows system administration
- Information security best practices & network security architecture
- Sourcefire/Snort based security products
- Current exploit and remediation techniques
- Web Services Administration
- TCP/IP networking
- IP Tables/Packet filter firewalls
- Vulnerability Scanning technologies
- Log collection and analysis tools
- Endpoint security concepts and products
- Information security or networking
- Intrusion analysis experience
- Excellent customer service skills
- Excellent analytical thinking and problem solving skills
- Strong oral and written communication skills
- Self-managed and team oriented
- Deadline and detail oriented
- Highly motivated
- English: Demonstrated Fluency
- Must have or be able to obtain a Top Secret Clearance
- Intermediate to advanced experience in Information Security related areas
- Certified in Security related Industry, Vendor or Professional Certification- GCIA, GCIH, Security+, OSCP, or CEH preferred.
- 2nd language is also desired: Spanish, Portuguese
- A high school diploma or equivalent is required; a college or university degree is a plus.
This is a remote opportunity open to anyone legally authorized to work in the (country name). Guided by our flexible workplace philosophy, Moments That Matter, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.
Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.
Per Federal government contracting requirements, candidate must be a US citizen, as well as potentially pass and maintain a National Agency Check with Local Agency and Credit Checks (NACLC).
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.