Dow Jones CyberSecurity Threat Hunting Engineer in NEW YORK, New York

Job Description:

The CyberSecurity Threat Hunter role will be a key member of the Cyber Defense Center (CDC) within Dow Jones. The Threat Hunter is responsible for participating in threat actor-based investigations, creating new detection methodology and providing expert support to the Security Monitoring/IR Team. The focus of the Threat Hunter is to detect, disrupt and eradicate threat actors from enterprise/cloud networks. To execute this mission, the Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies.

Job Description

  • A passion for research and uncovering the unknown about cyber security threats and threat actors.

  • Hunt for and identify threat actors by analyzing and researching the techniques, tools and processes used by threat actors.

  • Participate in hunt missions using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on the Dow Jones network.

  • Provide expert analytic investigative support of large scale and complex security incidents.

  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, as well as logs from various types of security sensors, applications and operating systems.

  • Perform analysis of security incidents & threat actors for further enhancement of Detection Catalog and Hunt missions by leveraging the MITRE ATT&CK framework.

  • Document best practices with the Cyber Defense Center staff using available collaboration tools and workspaces.

  • Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed.

Skills

The ideal Cyber Security Threat Hunter will have a proven track record of working in Infrastructure, Cloud or Application Security. A broad range of Information Security expertise is of interest. This role is looking for practical experience (hands-on) in most of the following areas:

  • 5-7 years of background in information security, cyber security or network engineering.

  • Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.

  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.

  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.

  • Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.

  • Ability to analyze logs, normalize them and perform automated log correlations utilizing big data analysis or hunt tools to identify anomalous and potentially malicious behavior.

  • Strong experience with digital forensics on host or network from a malware perspective; ability to identify anomalous behavior on network or endpoint devices.

  • Experience with information security tools such as an enterprise SIEM solution (Splunk preferred), IDS/IPS, endpoint security, EDR and security monitoring solutions (NSM, DLP, Insider, etc.).

  • Self-starting, organized, proactive, and requiring minimal management oversight.

  • Ability to quickly learn new and complex concepts.

  • Strong analytical skills/problem solving/conceptual thinking/attention to detail.

  • Ability to work effectively with peers and multiple levels of management.

  • Well organized, thorough, with the ability to balance and prioritize competing priorities.

  • Excellent verbal and written communication skills across multiple levels of the organization.

  • Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.

Desired Skills:

  • A passion for Cyber Threat Hunting, research, and uncovering the unknown about threats and threat actors.

  • Ability to effectively code in a scripting language (Python, Perl, etc.)

  • Ability to understand big data and query languages (Splunk, etc.).

  • Experience with either Red team or Blue team operations and ability to think both like an attacker and defender.

  • Experience setting up infrastructure to support Hunt Team operations.

Qualifications

Preferred qualifications for this role:

  • At least 5 years of previous experience working in hunt teams, threat intelligence, incident response, or security operations.

  • Bachelor's degree or equivalent program in Information Security, Information Technology, Computer Science, Management Information Systems or similar field experience is required; Master's degree preferred.

  • Completion of at least one of the following: OSCP, GCIA, GPEN, GWAPT, GCIH, GSEC, CCNP, CISSP.

Competencies and Behaviors

Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.

Must be able to communicate effectively and build solid relationships with individuals at all levels, in multiple geographies and business functions.

Very good written skills to document complex concepts in a comprehensive, yet readable manner.

Demonstrate clear and measurable results through the development of KPIs, goals and milestones.

Dow Jones, Making Careers Newsworthy

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets.

Dow Jones is committed to providing reasonable accommodation for qualified individuals with disabilities in our job application and/or interview process. If you need assistance or accommodation in completing your application due to a disability, please reach out to us at TalentResourceTeam@dowjones.com. Please put "Reasonable Accommodation" in the subject line.

Business Area: TECHNOLOGY - INFO SEC

About Us

Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world's largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America's largest newspaper by paid circulation; Factiva, Barron's, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource. Dow Jones is a division of News Corp (NASDAQ: NWS, NWSA; ASX: NWS, NWSLV).

If you require assistance in completing the online application, please contact the Talent Management team for Application Help at TalentResourceTeam@dowjones.com.

JobReq13221