Job Description

Threat Intelligence & Incident Response Engineer

:

Responsibilities:

• Operate and maintain the SUSE Security stack - SIEM, EDR, email protection, vulnerability scanners etc.
• Act as the Subject Matter Expert for security incidents from detection through analysis to response and recovery.
• Participate in hardening and continuous improvement of the SUSE environment as the Root Cause Analysis element of the incident lifecycle.
• Work in a geographically distributed team as a team player in collaborative and transparent way.
• You will be empowered to make decisions in your area of expertise - and supported by the team when unsure.
• Help to address security requirements of the business functions & users, provide inputs, assessment and guidance, representing the security team in the process.
• Develop and deliver technical training to educate others or meet customer needs.
• Develop a trend analysis and impact report of incidents and make recommendations based on it for enhancements to SUSE security.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the environment.

Education and Experience Required:

• Typically 8+ years of relevant experience
• Relevant University degree and/or recognized industry certifications are plus, but not required

Knowledge and Skills:

• Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
• Ability to design and apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of cybersecurity and privacy principles, cyber threats and vulnerabilities.
• Knowledge of incident response and handling methodologies.
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
• Knowledge of system administration, network, and operating system hardening techniques.
• Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Expert knowledge in the SIEM & EDR technology space
• Capability to lead the continuous improvement for SUSE Detection & Response capabilities
• Ability to integrate Threat Intelligence into the DFIR area

Job: Information Technology

SUSE is a global leader in innovative, reliable and enterprise-grade open source solutions, relied upon by more than 60% of the Fortune 500 to power their mission-critical workloads. We specialize in Enterprise Linux, Kubernetes Management, and Edge solutions, and collaborate with partners and communities to empower our customers to innovate everywhere -- from the data center, to the cloud, to the edge and beyond. SUSE puts the "open" back in open source, giving customers the agility to tackle innovation challenges today and the freedom to evolve their strategy and solutions tomorrow. The company is headquartered in Nuremberg, Germany, and employs nearly 2000 people globally. SUSE is listed in the Prime Standard of the Frankfurt Stock Exchange.