Threat Analysis Engineer
This is a Threat Analysis Engineer position and it is part of the Threat Research Team within the CSS Security Intelligence group.
This role is responsible for researching, evaluating, validating, testing third-party vulnerability reports, and publishing vulnerability and threat information via DeepSight alert services. The role is shift based and the team is measured against publishing timeliness and volume to meet customer SLEs.
Your job includes but not limited to:
- Creating reports of vulnerability reported by vendors and researchers
- Researching the vulnerability, exploits , identifying new vulnerabilities
- Developing and updating the vulnerability content and deliverable for DeepSight Alert Services.
- Security Assessment, Penetration Testing, Web and Mobile Application assessment and Security Configuration Audit
Taking full accountability for the reports being created / updated to include following things:
Define type of vulnerability, how it is exploited, post exploits impact, affected technologies/non-affected technologies, quality of the report, solution/workaround, any additional information specific to a particular vulnerability, will the solution delight the customer etc.
- Three to five years of experience in cyber security
- Passion for cyber security and protecting customers against threats by discovering and reporting vulnerabilities
- A strong understanding of the information security threat landscape, including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods, and infection vectors
- Any reverse engineering experience related to application and operating system
- More than certifications knowledge gained through:
- Offensive Security Certified Professional (OSCP)
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Security Essentials (GSEC)
- Good Communication Skills
- Great Team Player
Automating manual tasks using scripting tools like Python will be an added advantage.
Relentlessly protect the world’s information. Make a difference at Symantec. Across the globe, we are an ‘essential’ partner to both consumers and businesses of all sizes. We combine our talents, our brains, and our creative energy to reinforce our place as a world-class technical community.
Our most critical asset at Symantec is the talent we hire - you! We look for people who have a desire to excel and reflect our values: Innovation, Action, Customer-Driven, and Trust. We recognize that every opening in our company is a chance to increase Symantec's competitive advantage, and we are willing to invest in you in order to win.
Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.
Symantec will respond to requests for reasonable accommodations to assist you in applying for positions at Symantec, or to submit a resume. If you need to request an accommodation, please contact our HR Helpdesk at 1-800-497-2580 or by email at email@example.com.
EEO is the Law. Applicants and employees of Symantec Corporation are protected under Federal law from discrimination.Click here to find out more.
Encryption, Antivirus and Malware protection, eDiscovery, Identity Protection and Authentication, Information Protection, Cyber Security Services, Threat Protection
Company Type: Public Company
Company Size: 10,001+