Senior Security Threat Hunter

The Senior Security Threat Hunter works closely with other cloud and security professionals to investigate threats, proactively hunt for compromise, automate capabilities, develop security tooling and data automation, and contribute experience and expertise to many other projects. You will work on issues related to the latest security trends and early-warning indicators, and help design solutions for emerging threats.

Responsibilities
• Plan and execute proactive adversary hunts for malicious activity, fraud, and abuse, using a wide range of log sources, network- and host-based tools, and threat intelligence to identify threat actors and their tools and techniques.
• Participate in and contribute to cyber threat intelligence sharing forums and platforms; organize and curate threat intelligence; form a macroscopic perspective on adversaries, actors, and campaigns.
• Perform investigations on suspected compromised assets and cloud services, analyze log data and other artifacts to determine what occurred, and communicate the outcome of the investigation in written and verbal form.
• Seek out fraud and abuse occurring on the service, and innovate data analysis and response tooling at scale to protect customers.
• Collect, curate, and transform data to support the creation of advanced analytics and the automation of investigations.
• Design, develop, debug, and deliver tooling (and associated documentation) to assist the investigative and hunting process.
• Work with other internal and external teams to forge new partnerships and improve existing ones that help mature the team's tactics, techniques, and procedures (TTPs).

Qualifications
• Experience in SDLC, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security information and event management (SIEM), information technology (IT), and operations incident response.
• Experience working with large data sets to answer complex and ambiguous questions, using tools and languages such as SQL, KQL, Azure Data Explorer, Azure Data Lake, Azure Machine Learning (AML), Jupyter Notebooks, Spark, Azure Synapse, R, U-SQL, Python, the ELK stack, or Splunk.

Preferred Qualifications
• Understanding of adversary and cyber attack frameworks such as the kill-chain model, the MITRE ATT&CK framework, and the Diamond Model.
• Ability to rapidly automate data handling and data curation using PowerShell, Python, Azure Data Factory, and other Azure-based tools.
• Ability to work effectively in ambiguous situations and respond favorably to change.
• Demonstrated ability to understand and communicate technical details to varying levels of management.
• Certifications such as GCIA, GSLC, GCIH, CISM, CISSP, CEH, etc. are a plus.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence, and proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.