- Lead efforts in intelligence gathering, intrusion detection, malware analysis, and APT analysis
- Design and execute remediation efforts within the “Response” phase of the cyber incident lifecycle across functions, business units and regions
- Continuously engage the intelligence team in a two-way conversation: develop, refine, and maintain intelligence requirements to focus intelligence in support of detection operations, and provide feedback on detection indicators and intruder tactics, techniques, and procedures.
- Mentor and provide direction to junior analysts, conduct additional triage on escalations from those analysts
- Conduct cyber investigations of internal or external threats based on a working knowledge of IT environments including: Microsoft Windows, Apple Mac, Linux, mobile devices and infrastructure components such as firewall technology, Active Directory, and operational log and event console activity.
- Evaluate threats from state actors, non-state actors, cyber criminals and activists
- Identify adversary activities, including attribution, tactics, techniques and campaigns
- Champion use of processes, standards, governance, and disciplined execution
- Evaluate and use advanced IR products and services to improve efficiency and effectiveness of incident response
- Lead projects to enhance CSIRT capabilities up to region or sector level
- A High School diploma from an accredited institution is required
- Minimum 5 years of experience in cyber security incident response and security operations
- Must be legally authorized to work in the US on a permanent and consistent basis without company sponsorship now and in the future.
This position requires use of information or access to hardware which is subject to the International Traffic in Arms Regulations (ITAR). All applicants must be U.S. persons within the meaning of ITAR. ITAR defines a U.S. person as a U.S. Citizen, U.S. Permanent Resident (i.e. ‘Green Card Holder’), Political Asylee, or Refugee.
- Bachelor’s or Master’s degree in a technical discipline such as: B.E / BTech / MCA / Equivalent (EITC) or B.S. Comp Science / Mathematics / Engineering / Equivalent
- 10 years of experience in information technology
- 3 years of experience with security technologies (e.g. IPS, IDS, SIEM, DNS, proxies) and detection techniques (e.g. forensics, malware analysis, packet analysis)
- 3 years of experience in correlating events from multiple sources to detect suspicious and/or malicious activity
- 3 years of experience evaluating cyber threats
- 3 years of experience identifying adversary activities (tactics, techniques and campaigns)
- Excellent proficiency with the English language (written and verbal). Additional language capabilities are a plus.
- Deep understanding of multiple Information Security disciplines with relevant work experience and/or relevant certifications (e.g. GCIH, CSIH, GREM, etc.)
- Deep understanding of common threats, penetration/intrusion techniques and attack vectors
- Strong analytical and problem-solving skills
- Up to 10% travel will be required for this position
Eaton is a power management company with 2015 sales of $20.9 billion. Eaton provides energy-efficient solutions that help our customers effectively manage electrical, hydraulic and mechanical power more efficiently, safely and sustainably. Eaton has approximately 97,000 employees and sells products to customers in more than 175 countries. For more information, visit www.eaton.com.

At Eaton, we see things differently. We see opportunities to innovate, go above and beyond, and we work hard because what we do reflects who we are. If you see things differently—if you’re determined, motivated and focused on improving the world around you—then it’s time to see where a career at Eaton can take you. For more information, visit www.eaton.com/careers.

Eaton is an Equal Opportunity and Affirmative Action Employer. Eaton is committed to ensuring equal employment opportunities for all job applicants and employees. Employment decisions are based upon job-related reasons regardless of an applicant’s race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, marital status, genetic information, protected veteran status, or any other status protected by law.
Job: Information Technology
Region: North America – US/Puerto Rico
Organization: Corporate Sector
Job Level: Individual Contributor
Is remote work (i.e. working from home or another Eaton facility) allowed for this position?: Yes
Does this position offer relocation?: No
Travel: Yes, 10% of the time