Relativity

Senior Lead Cybersecurity Engineer

Relativity, Phoenix, Arizona, United States, 85003

Job Overview

As a Senior Lead Cybersecurity Engineer, your mission will be to safeguard Relativity's network and infrastructure. You will play a pivotal role in investigating and analyzing emerging threats against our assets, identities, and clients. In collaboration with a team of highly skilled cyber experts, you will engage world-class tools and advanced capabilities to proactively anticipate and mitigate evolving threats.

Responsibilities:

Review, validate, and triage alerts while performing technical analysis of log data from a diverse array of sensors, incorporating correlated signature logic and threat intelligence sources.

Analyze the impact of security events utilizing host, cloud, and network-based indicators, delivering actionable incident escalations to enhance security posture.

Develop and implement detection and prevention signatures, incorporating response actions into a multi-layered defensive strategy.

Automate searches through collected telemetry to uncover advanced threats that might avoid existing security solutions.

Draft and maintain Standard Operating Procedures, SOC playbooks, configuration guides, and security standards.

Streamline incident handling processes through automation.

Commit to continuous research on emerging threats and apply proactive countermeasures in a dynamic environment.

Act as a subject matter expert, analyzing and explaining observed malicious activities effectively.

Document and communicate investigation findings clearly to both technical and executive stakeholders.

Focus on reducing technical burdens through automation.

Build automation systems to deploy, operate, and connect multiple cybersecurity tools and applications efficiently.

Preferred Qualifications:

7+ years of experience within a Security Operations Center, Incident Response, or Threat Detection team focused on Cloud applications and corporate networks.

Proficient in threat detection development and tuning.

Experience with software design and development.

Knowledge of DevSecOps methodologies.

Skills in threat hunting, threat emulation, and purple teaming exercises.

Familiarity with standard security devices and their configurations.

Experience in reverse engineering malicious code for examination of infection and propagation mechanisms.

Familiarity with threat intelligence tools and processes.

Certifications such as GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH are preferred.

5+ years in a Security Operations Center, Incident Response, or Threat Detection team.

Strong cyber incident response capabilities including network forensics, memory forensics, and packet analysis.

Proficiency in PowerShell, C#, and Python.

Ability to prioritize complex security events independently.

Advanced understanding of SOC/CIRT operational processes and documentation.

Expertise in TCP/IP, network services, cryptography, and cloud/web application vulnerabilities.

Collaborative ability to work with a global team to enhance Relativity's security posture.

Deep knowledge of infection mechanisms, malicious behaviors, exploitation techniques, and mitigative controls.

Solid understanding of attacker tools, tactics, and procedures.

Strong analytical and problem-solving skills.

Ability to use programming and scripting languages to develop automations and construct SOAR playbooks.

Relativity is dedicated to fair and equitable compensation practices. This role offers a total compensation package including a competitive base salary, an annual performance bonus, and long-term incentives. The anticipated salary range for this position is between $150,000 and $226,000. The final salary will consider various factors including experience, skills, and qualifications, ensuring internal pay equity. Typically, hiring will be below the top of the range to allow for future salary growth opportunities.