• CareerBliss
  • $107,210.00 - 156,090.00/year*
  • Riverside, RI
  • Defense/Security Clearance
  • Full-Time
  • 179 Forbes St


The Cyber Defense Technical Expert is a senior individual contributor responsible for developing threat-based use cases for detecting cyber-attacks.

In addition to engineering threat-based alerts and developing anomaly-based reports for detection, the Cyber Defense Technical Expert will also be tasked with integrating real-time threat intelligence into the defensive systems.

The individual will work with multiple technology platforms and interface with other groups within Cyber Defense, Information Security, other technology, and business partners.

Primary responsibilities include:
  • Tuning of Intrusion Detection System and enhancement of detection capabilities
  • Developing new use cases to detect threats across multiple environments including network, endpoint and applications
  • Integrating cyber threat intelligence into defensive systems
  • Leading the logging enrollments from multi-tier applications into the enterprise logging platforms
  • Developing specific content necessary to implement Security Use Cases and transforming into correlation queries, templates, reports, rules, alerts, dashboards and workflow
  • Developing advanced reports and metrics to meet the requirements of key stakeholders

Required Skills/Experience:
  • 7 or more years of progressive security industry experience
  • Excellent understanding of Cyber Security Operations and Incident Response processes
  • Solid understanding of various operating systems (Windows, Unix, Linux, AIX, etc.) with an emphasis on Security Operations
  • Experience with programming/scripting (Python, Ruby, Perl, C, Java, etc.)
  • Hands-on experience with Security Information and Event Management technologies (QRadar, ArcSight, Splunk, etc.)
  • Excellent oral and written communications

Preferred Skills/Experience:
  • Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing
  • Excellent understanding of enterprise logging standards, with a focus on application logging
  • 5 or more years of experience with Splunk, ArcSight and/or QRadar SIEM systems
  • Advanced knowledge of content creation concepts and best practices
  • Excellent understanding of regular expressions, development of custom/flex parsers
  • Solid understanding of security tools related to Data Loss Prevention and Privileged User Monitoring
  • Excellent Python and Unix Shell scripting skills
  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
  • 5 or more years of network security and system security experience, supporting security event management tools (SIEMs)

Education, Certifications and/or Other Professional Credentials:
  • Bachelor's Degree (Security / IT Related) or equivalent combination of experience
  • A combination of relevant industry certifications including, but not limited to CISSP, GREM, GCIH, GCIA, CEH, GCED, CISA, etc.

Hours & Work Schedule

Hours per Week: 40
Work Schedule: Monday through Friday


Why Work for Us

At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.

Equal Employment Opportunity

It is the policy of Citizens Bank to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, citizenship, veteran or military status, marital or domestic partner status, or any other category protected by federal, state and/or local laws.

Equal Employment and Opportunity Employer/Disabled/Veteran

Citizens Bank is a brand name of Citizens Bank, N.A. and each of its respective subsidiaries.

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.
