Relativity
Lead Security Engineer - Cyber Security
–
Relativity Join to apply for the
Lead Security Engineer - Cyber Security
role at
Relativity . Job Overview
As a Lead Cyber Security Engineer, you will ensure the security of Relativity’s network and infrastructure. Your main responsibilities involve investigating and analyzing emerging threats against our assets, identities, and clients; providing actionable remediation guidance; and collaborating with highly skilled cyber experts to anticipate and mitigate evolving threats using world‑class tools and next‑generation capabilities. Responsibilities
Review, validate, and triage alerts and conduct technical analysis of log data from various sensors, signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud, and network‑based indicators to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy. Build automation to search collected telemetry for advanced threats that evade existing solutions. Create SOC playbooks, SOPs, configuration guides, and secure standards. Automate incident‑handling processes. Engage in continuous research of emerging threats and apply appropriate countermeasures. Serve as a subject‑matter expert on the mechanism and analysis of observed malicious activity. Document and communicate investigation findings to technical and executive stakeholders. Identify and automate away technical burdens. Build automation to deploy, operate, and connect multiple cyber‑security tools and applications. Preferred Qualifications
7+ years in a Security Operations Center, Incident Response, or Threat Detection team for cloud applications and corporate networks. Exposure to threat detection development and tuning. Experience in software design and development. DevSecOps experience. Ability to perform threat hunting, threat emulation, or purple‑team exercises. Familiarity with industry‑standard security devices and their configuration. Experience in reverse engineering malicious code. Experience with threat intelligence tools and processes. Certifications such as GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH. 5+ years in a Security Operations Center, Incident Response, or Threat Detection team. Strong cyber incident response skills (network forensics, memory forensics, packet analysis). Ability to read, write, and analyze PowerShell, C#, and Python. Capability to manage prioritization of complex security events. Advanced understanding of SOC/CIRT processes and documentation. Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks. Ability to collaborate worldwide to execute high‑level objectives. Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls. Good understanding of attacker tools, tactics, and procedures. Strong analytical and problem‑solving skills. Minimum Qualifications
5+ years in a Security Operations Center, Incident Response, or Threat Detection team. Strong cyber incident response skills (network forensics, memory forensics, packet analysis). Ability to read, write, and analyze PowerShell, C#, and Python. Capability to manage prioritization of complex security events. Advanced understanding of SOC/CIRT processes and documentation. Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks. Ability to collaborate globally to execute high‑level objectives. Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls. Good understanding of attacker tools, tactics, and procedures. Strong analytical and problem‑solving skills. Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks. Salary
This position is eligible for total compensation, including a competitive base salary, an annual performance bonus, and long‑term incentives. Expected salary range:
$150,000 – $226,000 . Final salary will be based on experience, qualifications, and internal equity. Hiring at the top end of the range is uncommon, allowing future meaningful growth. Suggested Skills
Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management. Seniority Level
Mid‑Senior level Employment Type
Full‑time Job Function
Information Technology Industries
Software Development Location
Massachusetts, United States
#J-18808-Ljbffr
–
Relativity Join to apply for the
Lead Security Engineer - Cyber Security
role at
Relativity . Job Overview
As a Lead Cyber Security Engineer, you will ensure the security of Relativity’s network and infrastructure. Your main responsibilities involve investigating and analyzing emerging threats against our assets, identities, and clients; providing actionable remediation guidance; and collaborating with highly skilled cyber experts to anticipate and mitigate evolving threats using world‑class tools and next‑generation capabilities. Responsibilities
Review, validate, and triage alerts and conduct technical analysis of log data from various sensors, signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud, and network‑based indicators to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy. Build automation to search collected telemetry for advanced threats that evade existing solutions. Create SOC playbooks, SOPs, configuration guides, and secure standards. Automate incident‑handling processes. Engage in continuous research of emerging threats and apply appropriate countermeasures. Serve as a subject‑matter expert on the mechanism and analysis of observed malicious activity. Document and communicate investigation findings to technical and executive stakeholders. Identify and automate away technical burdens. Build automation to deploy, operate, and connect multiple cyber‑security tools and applications. Preferred Qualifications
7+ years in a Security Operations Center, Incident Response, or Threat Detection team for cloud applications and corporate networks. Exposure to threat detection development and tuning. Experience in software design and development. DevSecOps experience. Ability to perform threat hunting, threat emulation, or purple‑team exercises. Familiarity with industry‑standard security devices and their configuration. Experience in reverse engineering malicious code. Experience with threat intelligence tools and processes. Certifications such as GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH. 5+ years in a Security Operations Center, Incident Response, or Threat Detection team. Strong cyber incident response skills (network forensics, memory forensics, packet analysis). Ability to read, write, and analyze PowerShell, C#, and Python. Capability to manage prioritization of complex security events. Advanced understanding of SOC/CIRT processes and documentation. Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks. Ability to collaborate worldwide to execute high‑level objectives. Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls. Good understanding of attacker tools, tactics, and procedures. Strong analytical and problem‑solving skills. Minimum Qualifications
5+ years in a Security Operations Center, Incident Response, or Threat Detection team. Strong cyber incident response skills (network forensics, memory forensics, packet analysis). Ability to read, write, and analyze PowerShell, C#, and Python. Capability to manage prioritization of complex security events. Advanced understanding of SOC/CIRT processes and documentation. Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks. Ability to collaborate globally to execute high‑level objectives. Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls. Good understanding of attacker tools, tactics, and procedures. Strong analytical and problem‑solving skills. Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks. Salary
This position is eligible for total compensation, including a competitive base salary, an annual performance bonus, and long‑term incentives. Expected salary range:
$150,000 – $226,000 . Final salary will be based on experience, qualifications, and internal equity. Hiring at the top end of the range is uncommon, allowing future meaningful growth. Suggested Skills
Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management. Seniority Level
Mid‑Senior level Employment Type
Full‑time Job Function
Information Technology Industries
Software Development Location
Massachusetts, United States
#J-18808-Ljbffr