• Analyze attacker TTPs from security events across a large heterogeneous network.

  • Partner with the Security Operations/Engineering and other teams, improve and optimize SOC/IR tools, workflows, use cases, and detection mechanisms, to mature monitoring, detection, and response capabilities.

  • Partner with the Red/Purple team to help test, improve, and optimize the efficacy of security controls, remediate identified gaps, and improve overall security posture and defenses.

  • Adhere to SLAs, metrics and business scorecards for ticket handling of security incidents and events.

  • Help plan and execute regular incident response exercises, help focus on creating measurable benchmarks (SLAs, KPIs, metrics) to show progress or deficiencies requiring additional attention.

  • Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, Data Loss Prevention (DLP), endpoint controls, databases, wireless security, and data networking to offer global solutions for a complex heterogeneous environment.

  • Evaluate SOC/IR policies and procedures and recommend updates to management as appropriate.

Knowledge, Skills and Abilities:

   Required:

  • Experience with information security monitoring, detection, incident response, or related experience.

  • Experience working in a 24x7 operational environment, with geographic disparity preferred.

  • A mix of Blue Team and/or Red/Purple Team and/or MSSP experience preferred.

  • Passionate about Cyber Defense, cutting edge technology, investigating and analyzing logs, alerts, incidents, traffic directionality, protocols, and other aspects of security events.

  • Knowledge of incident generation, correlation, aggregation, tuning (noise to signal), packet/payload inspection, differentiating between true/false positives/negatives.

  • Understanding of applications, operating systems, networking, cloud infrastructure, and attacker TTP.

  • Experience driving measurable improvement in monitoring and response capabilities at scale.

  • General understanding of security fundamentals (cryptography, least privilege, segregation of duties, …) and general security technologies, including operating systems (Windows, Linux, macOS), network security (firewalls, VPNs, EDR, web content filtering, etc.), security information and event management, business continuity, physical security, identity management, directory services, etc.

  • Cloud experience with Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).

  • Understand AWS services: EC2, VPC, IAM, AWS Systems Manager, etc.

  • Understand CVSS scoring, OWASP, the MITRE ATT&CK framework, SDLC, etc.

  • Working knowledge/experience with network systems, security principles, applications, and risk and compliance initiatives such as the Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), and the General Data Protection Regulation (GDPR).

  • Self-starter requiring minimal supervision. Strong work ethic, including consistent documentation and tracking of activities.

  • Excellent problem-solving, critical-thinking, collaboration, and communication skills.

  • A strong passion for cyber security, and the ability to learn and work in a fast-paced and dynamic environment.

  • Highly organized and efficient, with an analytical and problem-solving mindset.

  • Demonstrates strategic and tactical thinking, along with decision-making skills and business acumen.

Equipment Knowledge: 

  • Experience working with a broad range of Cyber Defense security tools, SIEM systems (dashboards, alerts, queries, regex, etc.), threat intelligence platforms, security automation and orchestration solutions (SOAR), intrusion detection and prevention systems (IDS/IPS), web filters, endpoint detection and response (EDR/NGAV), file integrity monitoring (FIM), DLP, cloud platforms (AWS, GCP, Azure), email security, and other network and system monitoring tools.

  • Experience with container platforms (Docker, Kubernetes, …) desired.

  • Knowledge of IT/Information Security Audit and assessment.

  • Knowledge of information security practices and concepts including firewalls, intrusion detection/prevention, EDR, NetFlow analysis, access controls, risk analysis, vulnerability scanning, web content filtering, web proxy systems, DFIR, application whitelisting and data encryption.

  • Experience with Microsoft Office Suite (e.g., Word, Excel, PowerPoint, etc.).

  • Experience with Google Workspace (e.g., Gmail, Drive, Docs, Sheets, Forms, etc.) preferred.

Experience Requirements:

At least 3+ years of experience in information security monitoring, incident response, security operations, or a related field. A minimum of two (2) years of security monitoring, incident response, security operations, Blue Team, Red/Purple Team, and/or MSSP experience preferred. Preferred certifications: OSCP, GIAC (GCIH, GCIA, GPEN, GWAPT), CISSP, or equivalent.

Education Requirements: 

BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems, or comparable training/experience, or a combination of education and equivalent work experience.

#LI-REMOTE

About iHerb
iHerb is on a mission to make health and wellness accessible to all. We offer Earth’s best-curated selection of health and wellness products, at the best possible value, delivered with the most convenient experience.

We’re the world’s largest eCommerce platform dedicated to vitamins, minerals, and supplements, and other health and wellness products. For more than 25 years, we’ve been making it simple for people all over the world to purchase the highest quality products. From supplements to skincare to grocery items, we ship over 30,000 products, from over 1,200 brands direct to our customers in 185+ countries.

Our vision is to become the #1 destination for health and wellness across the world.

With a passion for wellness and a mind for innovative solutions, iHerb team members share a vision for a healthier world that drives them each day. Our 5 Shared Values unite our global team:

Focus on the Customer · Empower Our People · Be Entrepreneurial & Pivot Quickly ·
Embrace Diversity & Inclusion · Strive for Simplicity

iHerb Benefits
At iHerb, we are dedicated to offering programs designed to help our employees and their families stay healthy, live well and plan for the financial future. Built on a strong foundation, our programs provide options and upgrades with flexibility, protection, and security in mind. For our international team members, you may be eligible for similar benefits depending on the country where you are employed. For a more comprehensive listing, visit www.iHerbBenefits.com. Please discuss the specific benefits for which you may be eligible with your local HR representative/recruiter.

iHerb is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. iHerb provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment.
