Blackpoint Cyber is a provider of leading-edge cybersecurity threat hunting, detection, and response technology. Blackpoint was founded by former National Security Agency (NSA) cyber operations experts that applied their expertise to bring nation/state grade technologies to commercial customers around the world.


How You’ll Make an Impact

  • Analyze and evaluate anomalous network and system events in a 24×7 Security Operation Center (SOC) environment via conducting lead-less threat hunting
  • Collaborate with MDR Analysts to research and investigate emerging cyber security threats; become an escalation point of contact for advanced intrusion analysis.
  • Develop Incident analysis reports and work across business units and customers to bring issues to a close
  • Help design and build automation to reduce operational tasks of SOC processes
  • Provide actionable threat and vulnerability analysis based on security events for many independent customer environments
  • Build test lab environments to research emerging techniques and make contributions to the internal and external knowledge development of threat operations.
  • Review sandbox technologies for additional IOCs uncovered from artifacts uncovered during analysis.


What You’ll Bring

  • Five (5+) years of experience in an information security role. Progressive relevant training and/or certification may be substituted for one (1) year of the experience requirement
  • Experience working in a Security Operations Center (SOC), Threat Hunting, or Digital Forensics and Incident Response (DFIR), preferred
  • Two (2+) years of experience with triaging endpoint events from EDR, NGAV, and supporting the Incident Response (IR) process
  • Deep knowledge on assessing threat indicators in a Windows Environment (e.g. Malware/Malicious Anomalies/Abnormal network Activity/Root Level Compromise, Forensic Artifacts, etc.)
  • Robust understanding of at least two of the following: Windows, Linux or OSX;
  • Familiarity with ELK stack (Dashboards, Logstash Config, Searching) Scripting / Programming with Powershell, Python, and Go
  • Familiarity with AWS services such as EC2, S3 and IAM and Azure/M365
  • Experience in developing, refining, and performing leadless threat hunting analysis to uncover new or potential incidents and report on results
  • Ability to work shifts if required (night, weekends, and day)
  • Excellent problem solving, critical thinking, and analytical skills with the ability to deconstruct issues (hunting anomalous pattern detection)
  • Excellent communication skills to effectively summarize and present findings


Bonus 

  • Bachelor’s Degree in Computer Science or related technical discipline
  • Network/System Administration and/or Engineering
  • Deep forensic knowledge of Windows, Mac OS and/or Linux
  • Malware Analysis (Behavioral and/or Static analysis- IDA, Cuckoo Sandbox, x86/x64 Debugging) Pentesting/Red/Blue Team
  • Capture The Flag (CTF) Development
This job is currently not open for applications. Would you like to see our other open positions?