Information Security Specialist - Threat Detection
The Judge Group Inc.

Location: Phoenix, AZ
Salary: $125,000.00 USD Annually - $175,000.00 USD Annually
Description: Our client is currently seeking a Information Security Specialist - Threat Detection to join their growing team protecting one of the world largest, most heavily secured enterprise environments.

This job will have the following responsibilities:

• Collaborate with the Cyber Threat Intelligence team to identify and mitigate active or emerging threats targeting American Express.
• Conduct basic threat modeling of common environments to pinpoint threat detection opportunities across the MITRE ATT&CK framework.
• Partner with platform owners and Cyber Data Engineering to identify necessary telemetry for developing threat detection mechanisms.
• Perform in-depth analysis of logs and malicious artifacts.
• Analyze large datasets to detect trends and anomalies indicative of malicious activities.
• Develop, document, and maintain custom detection queries.

Qualifications & Requirements:

• 7+ years of experience in Incident Response, Threat Detection, or Threat Hunting.
• Extensive exposure to endpoint detection principles, network security principles, and advanced rule writing.
• Hands-on experience in a Security Operations Center (SOC) or security engineering environment.
• Excellent communication skills and the ability to work effectively in a team and fast-paced environment.
• Thorough knowledge of information security components, principles, practices, and procedures.
• Analytical approach with familiarity in solving complex security problems.
• Understanding of Operating System internals and the ability to analyze malicious code, scripts, and exploits.
• Experience analyzing logs and events from endpoint and other security solutions.
• Knowledge of network principles, topology, protocol behavior, and security devices (IPS, IDS, HIPS, firewall).
• Understanding of authentication principles and technologies, including Active Directory and RACF.
• Ability to evaluate threat intelligence and identify TTPs for detection mechanisms at both host and network levels.
• Expert knowledge in threat detection and intuition, with a deep understanding of malicious network traffic.
• Ability to analyze data from various sources and correlate it to meaningful security events.
• Advanced rule/query writing experience in at least one SIEM.
• Understanding of content testing, implementation, and revision cycles.
• Programming experience in at least one scripting language.
• University degree in computer science, computer engineering, or a related field, or equivalent experience.
• Preferred certifications: GCIA, GCDA, CISSP, or similar.

Contact: bjohnson@judge.com

This job and many more are available through The Judge Group. Find us on the web at www.judge.com

---