At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
What’s the role?
As a Lead Cybersecurity Engineer on the Threat Detection and Response team, your role will be to craft the incident management practices of the organization for continued efficiency and alignment to standard processes.
Primary Duties & Responsibilities
Your primary responsibilities will include:
- Operate in an incident command role for all major cybersecurity incidents.
- Be responsible for supervising the execution of remediation actions stemming from cybersecurity incidents.
- Plan and carry out regular incident response and postmortem exercises, with a focus on crafting measurable benchmarks to show progress.
- Understand the portfolio of technologies used in threat detection and response, with an eye toward identifying automation opportunities so staff can focus on more sophisticated tasks.
- Evaluate and refine SOC playbooks and processes.
- Be responsible for maintaining quality of service standards for the execution of task work.
- Develop and maintain critical metrics and scorecards for operational efficiency.
- Work with SIEM/SOAR teams to implement automation and detections to improve the organization’s cyber-defense posture.
- Work within the multi-functional purple team to assist in planning and coordination of purple team activities.
- Using regular expressions to define filters and pattern matches.
- Writing sophisticated Splunk SPL queries, dashboards, and alerts.
- Familiarity with MITRE ATT&CK framework, understanding various techniques & tactics used by threat actors, and how those activities are detected.
- SOC / Incident Response investigative skills, such as digital forensics, memory analysis, malware reverse engineering or threat hunting.
- Experience integrating various security tools and log output used to detect malicious behavior.
- Experience in scripted IT operations by way of Systems Administration, Software Development, DevOps or Site Reliability Engineering.
- Strong problem-solving skills and the ability to analyze, design, develop, deploy, and support solutions.
- 5-7 years working in security operations roles.
- Experience operating in a 24x7 environment.
- Degree with an emphasis in Cybersecurity, Computer Science, Computer Engineering, Software Engineering, MIS or related field.
- Background in information technology with an emphasis on network or systems administration.
- Hold, or be willing to acquire, certifications such as GCIH, GCFE, GCFA, GDAT, CISSP or other relevant security certifications.
GROW YOUR CAREER WITH AN OUTSTANDING COMPANY THAT PUTS OUR CLIENT’S INTERESTS AT THE CENTER OF ALL WE DO. GET STARTED NOW!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!
If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.
FIND YOUR FUTURE
We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.
Flexible work schedules
Employee resource groups