ImmunityBio, Inc. is a commercial-stage biotechnology company developing innovative therapies to strengthen the human immune system against cancer. The Senior Cyber Security Engineer will be responsible for implementing and maintaining a proactive IT security environment while collaborating with various business units to identify and mitigate cyber security risks.
Responsibilities:
- Identify, evaluate, and document cyber security risk
- Assist with solutions and core security projects related to enterprise security and monitoring
- Develop, document, and execute threat hunting research with internal teams to identify adversaries and their behaviors, including new/emerging tactics
- Conduct research that yields new insights, theories, analyses, data, and prototypes that advance state-of-the-art of controls, detections, monitoring, and investigation/hunting capabilities or leads to improvements to the protection capabilities of our products and services
- Develop robust detection and mitigation strategies by studying security researchers, attackers, and real incidents. Identify attack-paths from kill-chains for relevance and long-term effectiveness
- Innovate processes, create strategies, develop automation or tools and work with partner teams to promote efficiency for hunters and investigators
- Develop, test, document, employ and communicate threat hunting methodologies, findings, and outcomes and aid in development of metrics. This includes reports with varying levels of leadership
- Develop actionable information, (e.g., technical indicators, reports, lists, rule sets, signatures, and alerts) that accurately identify malicious behavior while maintaining a low false positive rate
- Perform analysis on alerts and new indicators of compromise to detect anomalies and prior compromise
- Identify and collaborate on response to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks
- Monitor and address incoming notifications, threats, and risks quickly while documenting and solutioning issues
- Develop and implement new initiatives to simplify, standardize, and optimize intelligence, to reduce response times, and to improve security posture
- Assist in threat hunting to identify, classify, prioritize, and report on cyber threats following industry best practices
- Conduct research on emerging security threats; Provide correlation and trending of cyber incident activity
- Maintain working knowledge of advanced persistent threats tools, techniques, and procedures
- Assist in digital investigations for enterprise security incidents
- Assist in executing processes and activities within the security Incident response lifecycle
- Investigate data for anomalies in order to identify suspicious behavior
- Report on evaluations and recommendations for improvements
- Assist in creating a plan to respond to threats
- Communicate and escalate any incidents with the team
- Create, edit and adhere to Standard Operating Procedures (SOPs), process improvements, and standardization of templates
- Performs ad-hoc and cross-functional duties and/or projects assigned to support business needs and provide developmental opportunities
Requirements:
- Bachelor's Degree with 8+ years of relevant security experience; OR
- High school diploma with 12+ years of relevant security experience
- 8+ years' experience in investigations and/or threat hunting
- 5+ years of experience in cyber threat intelligence, cyber technical analysis, and threat attribution assessment with increasing responsibilities
- Exposure to enterprise-level threat hunting
- Ability to work in a dynamic and demanding environment and make decisions quickly
- Familiarity with classes of vulnerabilities and appropriate remediation of industry-standard classification schemes (CVE, CVSS, CPE)
- In-depth and up-to-date understanding of the threat landscape and the techniques to defend against them – including tactics, techniques, and procedures
- High ethical standards, personal integrity, discretion, and the ability to professionally handle confidential matters
- Demonstrated knowledge with 'threat hunting', i.e. using threat intel to proactively and iteratively investigate potential risks and finding suspicious behavior in the network
- Knowledge of how to handle critical incidents and/or breach response