Relativity
Lead Security Engineer - Cyber Security
As a Lead Cyber Security Engineer, you will ensure the security of Relativity’s network and infrastructure. The main responsibilities include investigating and analyzing emerging threats against our assets, identities, and clients, providing actionable remediation guidance, and collaborating with highly skilled cyber experts to anticipate and mitigate evolving threats using world‑class toolsets and next‑generation capabilities.
Posting Type Remote
Responsibilities
Review, validate, and triage alerts and perform technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources.
Assess the impact of security events by leveraging host, cloud and network‑based indicators and evidence to deliver actionable incident escalations.
Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types.
Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions.
Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards.
Automate incident handling processes.
Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment.
Serve as a subject‑matter expert in the mechanism and analysis of observed malicious activity.
Clearly document and communicate investigation findings to both technical and executive stakeholders.
Identify and automate away technical burden.
Build automation to deploy, operate and connect multiple cyber security tools and applications.
Preferred Qualifications
7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks
Exposure to threat detection development and tuning
Experience in software design and development
DevSecOps experience
Ability to perform threat hunting, threat emulation, and/or purple teaming exercises
Familiarity with industry standard security devices and their configuration
Experience in reverse engineering malicious code to explore infection and propagation mechanisms
Experience with threat intelligence tools and processes
Certifications: GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH
5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team
Strong cyber incident response skills (Network forensics, memory forensics, and/or packet analysis)
Ability to read, write and analyze PowerShell, C#, and Python
Capability to independently manage the prioritization of complex security events
Advanced understanding of common SOC/CIRT operational processes and documentation
Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks
Ability to collaborate within a global cross‑functional team to execute on high‑level objectives and drive the maturation of Relativity’s security posture
Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls
Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data
Strong analytical and problem‑solving skills
Minimum Qualifications
5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team
Strong cyber incident response skills (Network forensics, memory forensics, and/or packet analysis)
Ability to read, write and analyze PowerShell, C#, and Python
Capability to independently manage the prioritization of complex security events
Advanced understanding of common SOC/CIRT operational processes and documentation
Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks
Ability to collaborate within a global cross‑functional team to execute on high‑level objectives and drive the maturation of Relativity’s security posture
Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls
Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data
Strong analytical and problem‑solving skills
Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks
Suggested Skills
Cybersecurity
Infrastructure Security
Network Security
Penetration Testing
Security Architecture Design
Security Audit
Security Information and Event Management (SIEM)
Security Operations
Vulnerability Management
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industry: Software Development
Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation, including a competitive base salary, an annual performance bonus, and long‑term incentives.
The expected salary range for this role is $150,000 to $226,000. The final offered salary will be based on factors such as experience, skill set, qualifications, and internal pay equity.
#J-18808-Ljbffr
Posting Type Remote
Responsibilities
Review, validate, and triage alerts and perform technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources.
Assess the impact of security events by leveraging host, cloud and network‑based indicators and evidence to deliver actionable incident escalations.
Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types.
Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions.
Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards.
Automate incident handling processes.
Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment.
Serve as a subject‑matter expert in the mechanism and analysis of observed malicious activity.
Clearly document and communicate investigation findings to both technical and executive stakeholders.
Identify and automate away technical burden.
Build automation to deploy, operate and connect multiple cyber security tools and applications.
Preferred Qualifications
7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks
Exposure to threat detection development and tuning
Experience in software design and development
DevSecOps experience
Ability to perform threat hunting, threat emulation, and/or purple teaming exercises
Familiarity with industry standard security devices and their configuration
Experience in reverse engineering malicious code to explore infection and propagation mechanisms
Experience with threat intelligence tools and processes
Certifications: GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH
5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team
Strong cyber incident response skills (Network forensics, memory forensics, and/or packet analysis)
Ability to read, write and analyze PowerShell, C#, and Python
Capability to independently manage the prioritization of complex security events
Advanced understanding of common SOC/CIRT operational processes and documentation
Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks
Ability to collaborate within a global cross‑functional team to execute on high‑level objectives and drive the maturation of Relativity’s security posture
Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls
Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data
Strong analytical and problem‑solving skills
Minimum Qualifications
5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team
Strong cyber incident response skills (Network forensics, memory forensics, and/or packet analysis)
Ability to read, write and analyze PowerShell, C#, and Python
Capability to independently manage the prioritization of complex security events
Advanced understanding of common SOC/CIRT operational processes and documentation
Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks
Ability to collaborate within a global cross‑functional team to execute on high‑level objectives and drive the maturation of Relativity’s security posture
Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls
Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data
Strong analytical and problem‑solving skills
Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks
Suggested Skills
Cybersecurity
Infrastructure Security
Network Security
Penetration Testing
Security Architecture Design
Security Audit
Security Information and Event Management (SIEM)
Security Operations
Vulnerability Management
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industry: Software Development
Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation, including a competitive base salary, an annual performance bonus, and long‑term incentives.
The expected salary range for this role is $150,000 to $226,000. The final offered salary will be based on factors such as experience, skill set, qualifications, and internal pay equity.
#J-18808-Ljbffr