Overview
As one of the most established cybersecurity companies in the world, we at NetWitness are hard at work every day helping our customers and partners better protect their organizations from cyberattacks. Our products and incident response services are used within most large enterprises, governments and militaries for incident response and threat hunting. We are looking for someone who leverages in-depth industry knowledge of the business environment and various technical solutions to assist the customer to gain market share and increase operational efficiencies. You will provide technical and consultative leadership for Consulting technical solutions opportunities on a range of complex engagements, focused on an industry or service offering.
This role requires some travel to customer sites.
Responsibilities

Provide technical and consultative services on NetWitness solutions for a range of complex consulting engagements, including workshops, requirements analysis, solution design and recommendations, documentation, and delivering training.
Work closely with project managers (or act as project manager), other personnel, and the customer to ensure smooth project implementation and transition from start to finish.
Deliver services both independently and in a team environment, collaborating with NetWitness sales, other personnel, and clients.
Manage multiple work streams on complex projects, define and author deliverables, and deliver projects with approved methodology while adhering to margin, planning, and SOW requirements.
Lead project quality assurance activities, including technical QA reviews, and follow proper escalation and change control procedures.
Validate requirements, conduct limited prototyping and functionality design, and create proposals addressing current and evolving client requirements.
May manage or function as technical lead on small to medium projects or workstreams of larger, more complex projects.
Understand customer business challenges and provide strategy addressing long-term goals.
Independently analyze large amounts of data, produce logical options, and deliver documented, high-quality work products to achieve customer satisfaction.
Prepare, maintain, and submit activity/progress and time management reports; keep stakeholders informed of activities and issues promptly; complete end-of-project reports.
Provide knowledge transfer and training during and after assigned projects.
Prepare detailed project plans within standard project management methodologies; review and validate SOWs and categorize requirements into a project.

Technical Responsibilities

Work with customers to enhance their ability to hunt for and detect threats.
Track threat actors and associated TTPs; hunt for and identify threat actor groups and their techniques, tools, and processes.
Provide input on cybersecurity best practices related to threat intel, threat hunting, and using NetWitness components (NDR, EDR, SIEM).
Develop detection content and use cases within the NetWitness product for Network full packet capture, EDR, SOAR, and SIEM.
Develop advanced queries and alerts to detect adversary actions; create dashboards and reports to identify potential threats and anomalous activity.
Assess customer visibility gaps and provide next-step recommendations; assist customers in increasing visibility and detection capability in cooperation with incident response team members.
Provide expert advice on how to investigate potential attacks and assist in sales project scoping; guide and contribute to technical NetWitness course development.
Assist in developing knowledge checks and technical assessments; participate in lab and content QA; maintain instructor documentation and materials for future instructors; assist with lab use-cases and lab deployments/upgrades.
Deliver or help create at least one webinar every 6 months; participate in public customer training events as needed.

Required Experience / Qualifications
Ability to understand logging mechanisms for industry-standard networks, security solutions, servers, and databases. Good understanding of networking/security infrastructure. Ability to detail data flow in a given topology. Strong communication skills (verbal, written, listening, and presentation). Analytical thinking and problem-solving abilities. Proficiency in distinguishing logs, events, packets, and incidents. Knowledge of collection methodologies such as Syslog, SNMP, ODBC, LEA, FTP, SFTP. Familiarity with various threats, security trends, and security policy in the industry. Excellent presentation, workshop facilitation, and interpersonal skills. Professional level English speaking and writing. Federal security clearance can be an added advantage.
#J-18808-Ljbffr