What You’ll Do
Blackpoint Cyber is a provider of leading-edge cybersecurity threat hunting, detection, and response technology. Blackpoint was founded by former National Security Agency (NSA) cyber operations experts who applied their expertise to bring nation-state-grade technologies to commercial customers around the world.
Summary: Reporting directly to the VP of Threat Ops, the SOC team is seeking an experienced Director who is technical, collaborative, and truly excited about being a part of our great SOC team. In this role, you will bring your in-depth knowledge of how hackers operate in a network, down to the tools they like to use. You will be able to take control and lead incidents, and to describe a time when you created automation to improve a slow process. The successful candidate will have the ability to interface with and influence cross-functional teams throughout the company.
Who You Are
Blackpoint Cyber is looking for someone who will:
· Own day-to-day SOC operations including internal/external ticketing, notifications, security questions, leading incidents, and responses
· Engineer Automation and Workflows to better scale our service
· Analyze and evaluate anomalous system events in a 24×7 Security Operation Center (SOC) environment
· Conduct threat hunting operations that deliver anomalous activity and potential adversaries’ Tactics, Techniques, and Procedures (TTPs)
· Provide actionable threat and vulnerability analysis based on security events for many independent customer environments
· Collaborate with Level 2+ Analysts to research and investigate emerging cyber security threats
· Collaborate and become an escalation point of contact for Level 1 Analysts
· Recommend modification to security tools to detect, prevent, and mitigate intrusions
What You’ll Bring
- Five (5+) years of experience in a role that involves Information Security with a focus on catching adversaries and/or Red Team / Pentest knowledge
- Five (5+) years of experience with triaging security events related to malware, security log analysis (SIEM), Endpoint Detection and Response (EDR) Tools, and supporting the Incident Response (IR) process within a Windows Environment
- Deep knowledge of assessing threat indicators and Reverse Engineering in a Windows Environment (e.g. Event Logs, Malware, Malicious Anomalies, Abnormal Network Activity, Root Level Compromise, Forensic Artifacts, etc.)
- Expert in Windows System Administration, specifically the risks associated with Active Directory and other Windows Server Roles
- Experience in developing, refining, and performing advanced analysis to uncover new or potential incidents and report on results
- An advanced understanding of current threats and trends present for our MSP partners and SMB Customer Base
- Excellent problem solving, critical thinking, and analytical skills with the ability to deconstruct issues (hunting anomalous pattern detection)
- Excellent communication skills to effectively summarize and present findings
Interested?
To apply, please prepare a resume and cover letter. For more information about Blackpoint Cyber, visit our website at www.blackpointcyber.com.
Blackpoint Cyber welcomes and encourages applications from qualified individuals regardless of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status. We are committed to equality of opportunity in all aspects of employment.
We thank everyone for their interest, but only those candidates selected for an interview will be contacted.
Blackpoint’s Response to COVID-19
We are taking a very proactive approach to COVID-19, with all staff working remotely from home. Hygiene protocols are in place throughout the building and office if there is a need to visit. Our company’s systems and processes are set up so that there should be no limitations to your productivity when working from home. We are in constant communication globally. During these challenging times, Blackpoint Cyber takes the opportunity to envision a new way of working together while continuing to collaborate meaningfully with those whom we serve and defend.