SpiderLabs Content Team Lead
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.
The Content Team Lead is a position in the Trustwave SpiderLabs organization. This position will lead the global team of content developers and engineers. This team’s primary mission is to manage, maintain, create, and deploy a library of SIEM use cases and customer-oriented communication geared toward the detection of cyber threat activity in the Trustwave MSS environment. This is a key strategic role and the successful candidate must be an expert communicator, as they will liaise with all departments within Trustwave to understand product output, efficient detection methodologies, and innovative data correlations to find and shut down attacks in real time.
The Content Team performs the following functions:
- Create, deploy, and maintain the SIEM use case library
- Analyze, tune and track use case effectiveness
- Implement use cases for customer SIEM deployments based on data collected and the needs/requirements of the customer
- Map event findings taxonomies to relevant use cases
- Create use case and event findings informational overviews and documentation
- Create and maintain a notification template library
- Work on the development and maintenance of threat intelligence platforms
- Correlate detection signatures with sets of Indicators of Compromise (IOCs) to detect and identify specific threat actors and activity
- Contribute to company publications and drive thought leadership in the threat detection and intelligence spaces
- Collaborate with SpiderLabs Research, Threat Intelligence, Incident Response, Threat Operations, Managed Security Services, and other key organizations to optimally leverage expertise and technologies
Skills & Knowledge Requirements:
- Expert knowledge of SIEM and of cyber threat intelligence sourced from both organically developed and external feeds, and of how best to employ threat intelligence across large global networks.
- Knowledge of big data management of both structured and unstructured data sets is highly advantageous.
- Expert network security knowledge and the ability to create new security signatures on-the-fly across a large selection of source devices.
- This role requires an individual who is both a technical security guru and a person with the management and communication skills to work across a number of individual business units to identify synergies and improvements that will result in optimized security for the many thousands of clients across the globe that rely on Trustwave for industry-leading managed security services.
- Advanced experience working with a variety of SIEMs, including use case/correlation/signature creation
- Experience working as part of a content team
- Expert command of the English language and the ability to write high-level to very technical content for customer consumption
- 5 years of experience in Security
- 1 year of security leadership
- Programming / scripting knowledge (e.g., Python or similar)
- Experience with cyber threat intelligence and its application to global network security
- Knowledge of data science, as it pertains to big data management of security data, to include Hadoop clusters and efficient data extraction is preferred.
- Advanced degree in an IT security-related field is preferred
- English: Demonstrated Fluency
- Intermediate to advanced experience in information security-related areas
- Security-related industry, vendor or professional certification: GCIA, GCIH, Security+, OSCP, or CEH preferred.
- 2nd language is also desired: Spanish, Portuguese
We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and, in the event a candidate who is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
information security, regulatory compliance, computer forensics, managed security services, Secure Web Gateway, application security, penetration testing, incident response, data loss prevention, SIEM, PCI DSS solutions, Web security, cloud security, cloud compliance
Company Type: Privately Held
Company Size: 1,001-5000