This role will be a key member of the team responsible for participating in threat actor based investigations, creating new detection methodology and providing expert support to incident response and monitoring functions. The focus of the role is to detect, disrupt and eradicate threat actors from enterprise networks. To execute this mission, you will use data analysis, threat intelligence, and cutting-edge security technologies.
The Ops Active Detection and Response team is responsible for performing proactive detection of advanced threat actors within our network. Our analysts spend each day hunting for evidence of threat actor activity and working with engineering and security teams to improve our detection capabilities and security controls. As a hunter, you will constantly research new security topics, develop and test your hypotheses, and share your knowledge and findings with your teammates.
- Participate in threat hunting operations in complex and critical environments. Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network.
- Perform threat research to proactively identify potential threat vectors and work with engineering and security teams to improve prevention and detection methods.
- Analyze and assess security appliance, network, and host based logs to differentiate between malicious and benign activity.
- Analyze malicious code, packet capture files, and artifacts.
- Identify gaps in logging capabilities and develop and propose strategies to fill gaps.
- Identify and propose automated alerts for new and previously unknown threats.
- Strong written and verbal communication skills.
- Demonstrated enthusiasm for learning new things and ability to pick up new ideas quickly.
- Experience working with AWS
- Experience with coding for automation
- Strong Unix/Linux experience
- Strong understanding of security technologies
- Knowledge and experience with network, host and application security practices
- Experience in vulnerabilities and exploits
- Medical, dental, vision
- 401k Retirement Plan
- Unlimited Paid Time Off
- Catered lunch (every day), snacks, and drinks
- Gym reimbursement
- Employee referral bonus program
- Awesome coworkers
- Maternity and paternity plans
Databricks’ mission is to accelerate innovation for its customers by unifying Data Science, Engineering and Business. Founded by the original creators of Apache Spark™, Databricks provides a Unified Analytics Platform for data science teams to collaborate with data engineering and lines of business to build data products. Users achieve faster time-to-value with Databricks by creating analytic workflows that go from ETL and interactive exploration to production. The company also makes it easier for its users to focus on their data by providing a fully managed, scalable, and secure cloud infrastructure that reduces operational complexity and total cost of ownership. Databricks, venture-backed by Andreessen Horowitz, NEA and Battery Ventures, among others, has a global customer base that includes Viacom, Shell, and HP. For more information, visit www.databricks.com.
Apache, Apache Spark and Spark are trademarks of the Apache Software Foundation.