Senior Manager, Threat Research - LogRhythm Labs
LogRhythm is a world leader in NextGen Security Information and Event Management (SIEM), empowering organizations to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. Our platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security orchestration, automation & response (SOAR) in a single end-to-end solution. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant. We are based in Boulder, CO with offices in Maidenhead UK, Australia, Singapore, Germany, Dubai and The Netherlands.
Overview
LogRhythm is looking for a Senior Manager of Threat Research who will lead the R&D efforts of the LogRhythm Labs Threat Research team, taking threat research (attackers and their tactics, techniques, and procedures) and turning it into actionable and operational intelligence for our SIEM. This role is critical to LogRhythm’s success, as it is responsible for the overall strategic direction and management of the Threat Research program and team, a critical component of our current and future successes.
Opportunity
This position gives you the ability to expand your career in Incident Response (forensics, malware analysis), Threat Intelligence, and Penetration Testing. You will lead a team that is primarily responsible for enabling our customers to better protect against, detect, and respond to damaging threats. This is an opportunity to work with the most advanced SIEM solution in the world to develop content that operationalizes threat intelligence.
Responsibilities
- Drive and be accountable for the strategic direction and roadmap of the LogRhythm Labs Threat Research team.
- Lead, build, and maintain a threat intelligence program focused on proactively and reactively identifying security threats.
- Develop content, analytics, and detections around threat actors’ tactics, techniques, and procedures that are deliverable through our knowledge base updates.
- Research and test new attacker techniques and detection, mitigation, and remediation strategies against LogRhythm products.
- Maintain LogRhythm threat detection content for delivery to customers.
- Analyze and investigate malicious files and create actionable intelligence from the analysis results.
- Investigate and track cyber adversaries through open source and other threat intelligence.
- Be an active member of the intelligence community through presentations, blogging, forum participation, whitepapers, and other dissemination techniques.
- Be a subject matter expert in threat research, staying ahead of the latest attacks, breaches, methods, and trends used in real-world compromises.
- Provide leadership and management of the security professionals on your team.
- Assist the internal security team with analysis of and response to advanced security threats.
Qualifications
- 10+ years of educational and/or industry experience.
- Deep technical understanding of computer operating systems, computer hardware, software, and network infrastructure.
- Experience using computer security, forensic and threat intelligence tools.
- Understanding of vulnerabilities, exploits and the latest attack vectors.
- Incident response experience in which you performed or supported in-depth forensic analysis of network data, system data, log data, and malicious files.
- The ability to communicate your ideas in writing and verbally, such as writing blog posts and creating webinar content for delivery to customers.
- Experience writing program code and interfacing with web service APIs.
- Demonstrable experience with one or more of the following:
  - Python, PowerShell, Bash, PHP, HTML, .NET, C#
- Security certifications are nice to have but not required. A few recommended ones:
  - OSCE, OSCP, GXPN, GMON, GPEN, GWAPT, GREM, GCIH, CISSP, etc.
- Experience using SQL and Elasticsearch databases is a plus.
- Experience with cloud security architecture and distributed computing is a plus.
LogRhythm is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status.