Senior Threat Detection Engineer
We are looking for a savvy, high-performing Security Engineer who will be responsible for the day-to-day management of company-wide information security toolsets and the protection of Blackbaud’s and Client’s information. Security Engineers diligently investigate anomalous events and alerts, detect malicious activities, reverse engineer malware, and write signatures and scripts for various security tools to defend against malicious activity. The Security Engineer provides reports to management regarding the negative impact to the business caused by theft, destruction, alteration, or denial of access to information. The Security Engineer is primarily involved in the analysis, reverse engineering, troubleshooting and resolution of complex threats that impact the information security infrastructure at the data, application, service, operating system, and network levels.
What you’ll be doing:
Build out automations in order to optimize team performance and reduce response times
Document automation building process, to include defining pre-build requirements and validation criteria
Perform intrusion analysis using SIEM technology, reports, data visualization, log analysis and pattern analysis
First responder to security events and escalations via email, phone, and tickets across corporate user networks, data centers, and cloud environments.
Assist in remediation of information security incidents
Hunting for and identifying threat actor groups and respective tactics, techniques and procedures
Document and communicate findings, escalate critical incidents, and interact with lines of business
Improve and challenge existing processes and procedures in a very agile and fast paced cyber security environment
Keep current on the threat landscape and cyber security trends
Ability to adapt to fluid infrastructures and to learn/support new technologies
Thought leader around new security alert content creation, data correlation, anomaly thresholds, and logic updates
Primary mentor to the core analyst team with regards to training & escalation
Peer reviewer as a part of the core security engineering team
Advising/informing leadership on how to optimize current toolset and performing evaluation of future tools
What we are looking for:
Bachelor's degree or equivalent IT/Security industry experience
3+ years security analysis experience
5+ years of IT or networking experience
Intermediate to Advanced Linux/Unix OS and Windows knowledge
Expertise in at least one public cloud
Firewall rule and policy fundamentals
Network routing fundamentals
Ability to manage parallel tasks and accurately document resolutions
Working knowledge of network packet analysis tools
Proven ability to implement automation through scripting (e.g., PERL, Python, shell scripting)
Experience with leveraging APIs to integrate third party tooling into an existing tool stack
Familiarity with cyber security frameworks such as NIST and MITRE ATT&CK
Industry recognized professional certification such as (but not limited to): Security+, CBROPS, CSA, CEH, GSEC, SSCP
Nice to Haves:
Industry recognized professional certification such as (but not limited to):
CISSP, GBFA, GCDA, GCIA, GCIH, GMON, GNFA, GOSI, GPEN, GPPA, GREM, GSOC, OSDA, OSCP
Direct experience with malware and analysis techniques and methodologies.
Experience with playbook development using Security Orchestration and Automated Response (SOAR) platforms
Stay up to date on everything Blackbaud, follow us on Linkedin, Twitter, Instagram, Facebook and YouTube
Blackbaud is a remote-first company which embraces a flexible remote work culture. Blackbaud supports hiring and career development for all roles from the location you are in today!
Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.
To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.
A notice to candidates: Recruitment Fraudulent Alert: Your personal information and online safety as a candidate mean a lot to us! At Blackbaud and our portfolio of companies, recruiters only direct candidates to apply through our official careers page at https://careers.blackbaud.com/us/en or our official LinkedIn page. Recruiters will never request payments, ask for financial account information or sensitive information like social security numbers, or conduct interviews via Skype. Anyone suggesting otherwise is not a representative of Blackbaud. If you are unsure if a message is from Blackbaud, please email blackbaudrecruiting@blackbaud.com.
The starting base pay is $101,900.00 to $132,800.00. Blackbaud may pay more or less based on employee qualifications, market value, Company finances, and other operational considerations.
Benefits Include:
Medical, dental, and vision insurance
Remote-first workforce
401(k) program with employer match
Flexible paid time off
Generous Parental Leave
Volunteer for vacation
Opportunities to connect to build community and belonging
Pet insurance, legal and identity protection
Tuition reimbursement program
About the job
Apply for this position
Senior Threat Detection Engineer
We are looking for a savvy, high-performing Security Engineer who will be responsible for the day-to-day management of company-wide information security toolsets and the protection of Blackbaud’s and Client’s information. Security Engineers diligently investigate anomalous events and alerts, detect malicious activities, reverse engineer malware, and write signatures and scripts for various security tools to defend against malicious activity. The Security Engineer provides reports to management regarding the negative impact to the business caused by theft, destruction, alteration, or denial of access to information. The Security Engineer is primarily involved in the analysis, reverse engineering, troubleshooting and resolution of complex threats that impact the information security infrastructure at the data, application, service, operating system, and network levels.
What you’ll be doing:
Build out automations in order to optimize team performance and reduce response times
Document automation building process, to include defining pre-build requirements and validation criteria
Perform intrusion analysis using SIEM technology, reports, data visualization, log analysis and pattern analysis
First responder to security events and escalations via email, phone, and tickets across corporate user networks, data centers, and cloud environments.
Assist in remediation of information security incidents
Hunting for and identifying threat actor groups and respective tactics, techniques and procedures
Document and communicate findings, escalate critical incidents, and interact with lines of business
Improve and challenge existing processes and procedures in a very agile and fast paced cyber security environment
Keep current on the threat landscape and cyber security trends
Ability to adapt to fluid infrastructures and to learn/support new technologies
Thought leader around new security alert content creation, data correlation, anomaly thresholds, and logic updates
Primary mentor to the core analyst team with regards to training & escalation
Peer reviewer as a part of the core security engineering team
Advising/informing leadership on how to optimize current toolset and performing evaluation of future tools
What we are looking for:
Bachelor's degree or equivalent IT/Security industry experience
3+ years security analysis experience
5+ years of IT or networking experience
Intermediate to Advanced Linux/Unix OS and Windows knowledge
Expertise in at least one public cloud
Firewall rule and policy fundamentals
Network routing fundamentals
Ability to manage parallel tasks and accurately document resolutions
Working knowledge of network packet analysis tools
Proven ability to implement automation through scripting (e.g., PERL, Python, shell scripting)
Experience with leveraging APIs to integrate third party tooling into an existing tool stack
Familiarity with cyber security frameworks such as NIST and MITRE ATT&CK
Industry recognized professional certification such as (but not limited to): Security+, CBROPS, CSA, CEH, GSEC, SSCP
Nice to Haves:
Industry recognized professional certification such as (but not limited to):
CISSP, GBFA, GCDA, GCIA, GCIH, GMON, GNFA, GOSI, GPEN, GPPA, GREM, GSOC, OSDA, OSCP
Direct experience with malware and analysis techniques and methodologies.
Experience with playbook development using Security Orchestration and Automated Response (SOAR) platforms
Stay up to date on everything Blackbaud, follow us on Linkedin, Twitter, Instagram, Facebook and YouTube
Blackbaud is a remote-first company which embraces a flexible remote work culture. Blackbaud supports hiring and career development for all roles from the location you are in today!
Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.
To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.
A notice to candidates: Recruitment Fraudulent Alert: Your personal information and online safety as a candidate mean a lot to us! At Blackbaud and our portfolio of companies, recruiters only direct candidates to apply through our official careers page at https://careers.blackbaud.com/us/en or our official LinkedIn page. Recruiters will never request payments, ask for financial account information or sensitive information like social security numbers, or conduct interviews via Skype. Anyone suggesting otherwise is not a representative of Blackbaud. If you are unsure if a message is from Blackbaud, please email blackbaudrecruiting@blackbaud.com.
The starting base pay is $101,900.00 to $132,800.00. Blackbaud may pay more or less based on employee qualifications, market value, Company finances, and other operational considerations.
Benefits Include:
Medical, dental, and vision insurance
Remote-first workforce
401(k) program with employer match
Flexible paid time off
Generous Parental Leave
Volunteer for vacation
Opportunities to connect to build community and belonging
Pet insurance, legal and identity protection
Tuition reimbursement program