This role is a member of the larger Threat Detection Services team, which includes security analysts and incident handlers who work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. The individual filling this role will join our Special Projects team and act as a senior leader within the organization helping to drive detection and response maturity, enable proactive monitoring strategies and participate in a wide range of larger threat detection program activities specific to our growing cloud environments.
We are a geographically diverse team, with offices and personnel around the globe, making this a remote work position for the right candidate. To support these requirements in addition to the technical skills listed below ideal candidates will also have prior remote work experience and possess necessary soft skills to support their success.
What You'll Bring:
Create detection and mitigation rules based on indicators of compromise that align with industry targeted threats.
Hands on security alerts creation and maintenance, workload automation.
Assist in the design, evaluation, and implementation of new security technologies.
Work events escalated by Security Operations Center or high severity user reported events.
Execute incident response processes to respond to security threats and attacks.
Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event.
Maintain accurate and complete records of incidents and investigations.
Extract and analyze malware to determine their nature.
This may include either static code analysis or runtime/execution analysis or both.
Impact You'll Make:
5-7 years of Network/Security/Incident Response experience.
3-5 years working in cloud and containerized environments.
2-4 years of IPS/IDS and/or WAF tooling experience in cloud environments.
Advanced Operating System and Network knowledge.
Experience identifying, investigating, and responding to complex attacks
Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools
Knowledge of at least one scripting language.
Any Security related certification(s)
Ability to work independently as well as collaboratively within a team.
Ability to quickly grasp high-level technical concepts.
Good communication and interpersonal skills.
SANS SEC503: Intrusion Detection In-Depth (nice to have)
SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have)
SANS SEC524: Cloud Security and Risk Fundamentals (nice to have)
SANS SEC545: Cloud Security Architecture and Operations (nice to have)
Any additional cloud technology specific certification (nice to have)
During the COVID-19 pandemic, TransUnion has several safety protocols in place to protect associates, customers, and visitors. You may be required to be fully vaccinated against COVID-19 as a condition of employment and/or to participate in certain work-related activities. Exemption is available to qualified candidates as a reasonable accommodation.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.
TransUnion is a global information and insights company that makes trust possible between businesses and consumers, by ensuring that each consumer is reliably and safely represented in the marketplace.
We do this by having an accurate and comprehensive picture of each person.
This picture is grounded in our legacy as a credit reporting agency which enables us to tap into both credit and public record data; our data fusion methodology that helps us link, match and tap into the awesome combined power of that data; and our knowledgeable and passionate team, who stewards the information with expertise, and in accordance with local legislation around the world.
Because of our work, organizations can better understand consumers in order to make more informed decisions, and earn their trust through great, personalized experiences, and the proactive extension of the right opportunities, tools and offers. In turn, consumers can be confident that their data identities will result in the opportunities they deserve.
We make trust possible, so businesses and consumers can transact with confidence and achieve great things. We call this Information for Good®—it’s our purpose, and what drives us every day.