
Security Content Engineer - Global Threat Operations

Trustwave Holdings, LLC
Chicago, IL 60601

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Category: Security Services
Team: Managed Security Services
Location: Chicago, Illinois; Greenwood Village, Colorado


The Security Content Engineer provides operational and detection direction for a team that performs triage of a diverse set of global security issues, assesses their impact, and implements response actions to protect critical business assets with a sense of urgency.

We are seeking an experienced security practitioner for Trustwave's GTO organization to execute SIEM content development, develop platform and SOAR requirements, and evaluate new security technologies.

The Security Content Engineer will perform the following duties:
  • Manage tasks and projects to meet the goals of the MSS & GTO organizations
  • Organize and facilitate technical meetings with internal organizations
  • Maintain knowledge of industry-wide attacks and the current threat environment
  • Demonstrate subject matter leadership to GTO & Engineering staff
  • Create, improve, and document processes for use case development, analytical investigation, and the management and monitoring of security solutions
  • Take responsibility for the breadth and depth of Trustwave's detection and response capabilities
  • Adhere to policies, procedures, and security best practices
  • Act as a mentor and escalation point for analysts, engineers, and ISAs within MSS
  • Lead projects to develop new service offerings and integrate new technology into the services portfolio

Skills & Knowledge Requirements:

Must have skills/knowledge in some of the following:
  • Security Information and Event Management (SIEM)
  • Experience and expertise with deployment, baseline, management, monitoring, and optimization of security technologies
  • Expertise optimizing cyber threat intelligence for an enterprise environment
  • Understanding of the MITRE ATT&CK Enterprise Threat Matrix and development of custom use cases based on described TTPs
  • Unix / Linux and Windows system administration
  • Information security best practices & network security architecture
  • Signature based security products
  • Current exploit and remediation techniques
  • TCP/IP networking
  • Vulnerability Scanning technologies
  • Log collection and analysis tools
  • Threat Intelligence
  • Incident Response / Forensics
  • Payment Card Industry (PCI) Standards

Desired experience:
  • 2+ years team leadership experience
  • 5+ years MSS or multi-tenant enterprise security experience
  • 5+ years of experience in a security operations center or similar environment
  • 5+ years of experience with SIEM administration and use case development
  • 3+ years of experience with developing metrics and implementing organizational change
  • 3+ years of experience supporting operational escalations or processes
  • 3+ years of experience with network-based security controls
  • 3+ years of experience with endpoint protection security controls
  • 2+ years of experience with SOAR or workflow optimization platforms

  • English: Demonstrated Fluency

  • Bachelor's degree in security discipline or related field -or- 2+ years college and 5+ years security experience


We prefer college educated applicants, but at minimum, high school diploma or equivalent is required for employment.



Posted: 2021-04-15 Expires: 2021-05-16
