Offer summary

Qualifications:

Minimum 7 years of experience in network security or incident response., Proficiency in analyzing security alerts and malware analysis., Experience with investigative tools like SIEM, packet capture, and memory analysis., Strong scripting skills, preferably in Python, and relevant security certifications..

Key responsibilities:

Analyze potential security intrusions and events in-depth.

Create and maintain security alerts and automate workloads.

Respond to security threats by executing incident response processes.

Develop detection and mitigation rules based on industry threat indicators.

Job description

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

This role is a member of the larger Threat Detection Services organization, and will work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. The individual filling this role will act as a senior leader within the organization helping to drive detection and response maturity, enable proactive monitoring strategies and participate in a wide range of larger cyber defense program activities.

We are a geographically diverse team, with offices and personnel around the globe, making this a remote work position for the right candidate. To support these requirements in addition to the technical skills listed below ideal candidates will also have prior remote work experience and possess necessary soft skills to support their success.

What You'll Bring:

Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event.
Hands on security alerts creation and maintenance, workload automation.
Maintain accurate and complete records of incidents and investigations.
Execute incident response processes to respond to security threats and attacks.
Create detection and mitigation rules based on indicators of compromise that align with industry threats.
Assist in the design, evaluation, and implementation of new security technologies.
Update incident response playbooks to minimize gaps in response processes.
Extract and analyze malware to determine their nature.
This may include either static code analysis or runtime/execution analysis or both.
Experience in Platform engineering/Content engineering
Understanding agile methodology/SDLC
hands on Scripting Language, preferably Python

Impact You'll Make:

7+ years of Network/Security/Incident Response experience.
Advanced Operating System and Network knowledge.
Experience identifying, investigating, and responding to complex attacks
Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools
Knowledge of at least one scripting language.
Any Security related certification(s)
Ability to work independently as well as collaboratively within a team.
Ability to quickly grasp high-level technical concepts.
Good communication and interpersonal skills.
SANS SEC503: Intrusion Detection In-Depth (nice to have)
SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have)

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Consultant, Cybersecurity

Required profile