
Security Content Engineer - Global Threat Operations

Trustwave Holdings, LLC
Chicago, IL 60601

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Category: Security Services
Team: Managed Security Services
Location: Chicago, Illinois; Greenwood Village, Colorado


Position at Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

The Security Content Engineer provides operational and detection direction for a team that performs triage of a diverse set of global security issues, assesses their impact, and implements response actions to protect critical business assets with a sense of urgency.

We are seeking an experienced security practitioner for Trustwave's GTO organization to execute SIEM content development, develop platform and SOAR requirements, and evaluate new security technologies.

Candidates must be familiar with multiple facets of the Managed Security Services industry including services portfolios, scalable, multi-user infrastructures, operations, SIEM use case development, and active response to contain and mitigate threats. Candidates must have a strong customer-first attitude, triage issues quickly, and drive a culture of continuous process improvement.

The Security Content Engineer will perform the following duties:
  • Manage tasks and projects to meet the goals of the MSS & GTO organizations
  • Organize and facilitate technical meetings with internal organizations
  • Maintain knowledge of industry-wide attacks and the current threat environment
  • Demonstrate subject matter leadership to GTO & Engineering staff
  • Create, improve, and document processes for use case development, analytical investigation, and the management and monitoring of security solutions
  • Take responsibility for the breadth and depth of Trustwave's detection and response capabilities
  • Adhere to policies, procedures, and security best practices
  • Act as a mentor and escalation point for analysts, engineers, and ISAs within MSS
  • Lead projects to develop new service offerings and integrate new technology to services portfolio
  • Work with internal engineering teams to document new feature and function requirements
  • Collect and report data trending across multiple products, customers, and operations
  • Understand big picture security and threat landscape, concerns and motivations
  • Collaborate with management on process improvement, documentation, and definition for threat analysis and classification
  • Foster a culture of growth and development within the teams
  • Actively recognize and reward team members for actions above and beyond

Skills & Knowledge Requirements:

Must have skills/knowledge in some of the following:
  • Security Information and Event Management (SIEM)
  • Experience and expertise with deployment, baseline, management, monitoring, and optimization of security technologies
  • Expertise optimizing cyber threat intelligence for an enterprise environment
  • Understanding of MITRE ATT&CK Enterprise Threat Matrix and development of custom use cases, based on described TTPs.
  • Unix / Linux and Windows system administration
  • Information security best practices & network security architecture
  • Signature based security products
  • Current exploit and remediation techniques
  • TCP/IP networking
  • Vulnerability Scanning technologies
  • Log collection and analysis tools
  • Threat Intelligence
  • Incident Response / Forensics
  • Payment Card Industry (PCI) Standards

Desired experience:
  • 2+ years team leadership experience
  • 5+ years MSS or multi-tenant enterprise security experience
  • 5+ years of experience in a security operations center or similar environment
  • 5+ years of experience with SIEM administration and use case development
  • 3+ years of experience with developing metrics and implementing organizational change
  • 3+ years of experience supporting operational escalations or processes
  • 3+ years of experience with network-based security controls
  • 3+ years of experience with endpoint protection security controls
  • 2+ years of experience with SOAR or workflow optimization platforms
  • Experience conducting technical operations in a fast-paced, multi-disciplined, distributed-responsibility and often ambiguous environment
  • Ability to apply critical thinking in complex situations; experience working in cross functional groups including SW engineering, Networking, and infrastructure
  • Experienced in gathering requirements and developing operational requirements for custom tools
  • Able to independently influence and resolve conflicts with others
  • Exposure to process improvement and/or quality control tools and methods
  • Excellent written and verbal communication skills

  • English: Demonstrated Fluency

  • Bachelor's degree in security discipline or related field -or- 2+ years college and 5+ years security experience


We prefer college educated applicants, but at minimum, high school diploma or equivalent is required for employment.

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate submitted outside of this policy is hired, no fee or payment of any kind will be paid.



Posted: 2021-04-15 Expires: 2021-05-16
