Threat Response Detection Engineer
Apple Inc
Chengdu, Sichuan, China

Job Summary

Apple is seeking an Information Security Detection Engineer to join its global Detection & Response team. The Detection Engineer’s primary responsibility is to lead efforts around the creation and tuning of detection logic to identify security threats.

Key Qualifications

  • 5-10 years of experience in Information Security with a focus on incident response, threat hunting, and creating detection signatures.
  • Passion for using big data log collection and correlation tools for data analytics.
  • Experience using a data analytics platform.
  • Solid knowledge of Scala programming language is required.
  • Solid understanding of Apache Spark and its components (Spark SQL, Spark Streaming, etc).
  • Solid understanding of Incident Response, Cyber Kill Chain, Threat Modeling, and attack vectors.
  • Familiarity with current threat detection tools and technologies.
  • Must have experience with analysis of network traffic and usage of Deep Packet Inspection tools.
  • Experience writing and tuning IDS / IPS signatures.
  • In-depth technical knowledge of macOS and Linux Operating Systems.
  • Solid understanding of malware functionality and persistence mechanisms.
  • Ability to analyze endpoint, network, and application logs for anomalous events.
Description

The ideal candidate will possess a strong technical background and information security experience and will focus on detection and response.

Additional responsibilities include:

  • Provide feedback and adhere to a use case development lifecycle.
  • Collaborate with teams to incorporate requirements, leveraging log sources such as network, endpoint and application data to create signatures / rules.
  • Identify gaps in log data and recommend solutions to address said gaps.
  • Perform security monitoring and incident response duties as needed.

B.S. in Computer Science, Information Security, or equivalent Engineering degree. Preferred technical certifications include: OSCP, GIAC and CCNA / CCNP.

Additional Requirements

  • Excellent verbal and written communication skills.
  • Demonstrated ability to work in a team environment.
  • Highly motivated individual and a proactive learner.
  • Experience with creation of comprehensive technical reports.
