Job Description
Overview
As one of the most established cybersecurity companies in the world, we at NetWitness are hard at work every day helping our customers and partners better protect their organizations from cyberattacks. Our products and incident response services are used within most large enterprises, governments and militaries for incident response and threat hunting. We are looking for someone who leverages in-depth industry knowledge of the business environment and various technical solutions to assist the customer to gain market share and increase operational efficiencies. You will provide technical and consultative leadership for Consulting technical solutions opportunities on a range of complex engagements, focused on an industry or service offering. This role requires some travel to customer sites.
Responsibilities
Provide technical and consultative services on NetWitness solutions on a range of complex consulting engagement projects, including workshops, requirements analysis, solution design and recommendations, documentation, and delivering training for customers.
Work closely with project managers (or act as project manager), other personnel, and the customer to ensure a smooth project implementation and transition from start to completion.
Deliver services independently as well as in a team environment, collaborating with NetWitness sales, other personnel, and clients.
Handle complex projects and multiple work streams; define and author deliverables; deliver projects with approved methodology while adhering to margin, planning, and SOW requirements.
Lead project quality assurance activities, including technical QA reviews; understand and adhere to proper escalation and change control procedures.
Validate requirements, perform limited prototyping and functionality design, and create proposals addressing current and evolving client requirements.
May manage or act as technical lead on small to medium projects or workstreams within larger, more complex projects.
Understand customer business challenges and provide strategy that addresses long-term goals.
Independently analyze large amounts of data, provide logical options, and deliver correct documentation and work products to achieve customer satisfaction.
Prepare, maintain and submit activity/progress reports and time management records; keep stakeholders informed of activities and issues promptly; complete end-of-project reports.
Provide knowledge transfer and training throughout and at the completion of assigned projects.
Prepare detailed project plans within the standards of project management methodologies and review/validate SOWs.
Categorize requirements into a project and contribute to ongoing project success.
Technical Responsibilities
Work with customers to enable their ability to hunt for and detect threats.
Track threat actors and associated TTPs; hunt for and identify threat actor groups and their techniques, tools, and processes.
Provide input on cybersecurity best practices, especially as it relates to threat intel, threat hunting, and using/combining Network (NDR), Endpoint (EDR), and Log (SIEM) analysis.
Develop detection content and use cases within the NetWitness product for Network full packet capture, EDR, SOAR, and SIEM.
Develop advanced queries and alerts to detect adversary actions; develop dashboards and reports to identify potential threats and anomalous activity.
Assess customer gaps in visibility and provide next-step recommendations.
Assist customers to increase visibility and detection capability, working with incident response team members and providing expert guidance on investigating potential attacks.
Assist with sales project scoping and provide guidance to sales/clients.
Contribute to NetWitness technical course development; assist in creating knowledge checks and technical assessments.
Participate in lab and content QA; maintain instructor documentation and materials for future instructors; assist with lab use-case gathering and lab deployments/upgrades.
Deliver or help create at least one webinar every 6 months; participate in public customer training events as needed.
Required Experience / Qualifications
Ability to understand logging mechanisms for industry-standard networks, security solutions, servers, and databases.
Good understanding of networking/security infrastructure; ability to detail data flow in a given topology.
Strong communication skills (verbal, written, listening, and presentation).
Analytical thinking and problem-solving abilities.
Proficiency in distinguishing logs, events, packets, and incidents.
In-depth knowledge of collection methodologies such as Syslog, SNMP, ODBC, LEA, FTP, SFTP.
Knowledge of various threats, security trends, and security policy in the industry.
Excellent presentation, workshop facilitation, and interpersonal skills.
Professional level English speaking and writing.
Federal security clearance can be an added advantage.