Extended Expertise Consultant/Network Security Consultant

Customer-specific requirements:

• The resource must have strong prioritization, organizational, and interpersonal skills.
• They must be able to work decisively and efficiently under pressure.
• The resource must communicate technical concepts and risks to stakeholders with little to no cybersecurity understanding.
• Ability to work as a liaison/intermediary with multiple stakeholders.
• Ability to report on platform adoption, Ability to communicate project status to stakeholders on a weekly or monthly basis

XPANSE qualifications:

• Familiarity with the Attack Surface Management or a related field in cybersecurity (eg, discovery methods, port scanning, vulnerability management, etc)
• Professional experience in technical client delivery & engagement and/or technical intelligence analysis
• Knowledge of Advanced Persistent Threat (APT) actors and their Tactics, Techniques, and Procedures (TTPs)
• Experience applying threat hunting techniques to track attack patterns to malware variants to uncover previously undetected adversary behavior

Additional Requirements:

• Endpoint protection deployment, operationalization, troubleshooting, training experience
• Experience as a Security Incident Responder or SOC analyst/manager
• Experience in Python or JavaScript

-------------------------------------------------------------------------

Job Description:

Your Career
The Resident Engineer (newly branded Extended Expertise) is an integral part of our mission
within our Professional Services team. As an Extended Expertise Engineer, you will work
on-site/remote with our customer(s) supporting our mission to help them quickly and completely
adopt our End Pointy Platform, leaving them more secure. This is a highly technical, hands-on
role and you will develop and maintain expert-level skill sets on our products and solutions
deployed within the customer's environment.
Your Impact
● Learn & understand the customer’s business requirements and the threat landscape that
is most applicable to their industry’s vertical sector
● Endpoint protection deployment, operationalization, troubleshooting, training experience
● Experience as a Security Incident Responder or SOC analyst/manager
● Familiarity with cloud technologies, providers (GCP, AWS, Azure), use-cases

Qualifications:

Your Experience
● Provide remote support to the customer
● Familiarity with the Attack Surface Management or a related field in cybersecurity (eg.
discovery methods, port scanning, vulnerability management, etc.)
● Professional experience in technical client delivery & engagement and/or technical
intelligence analysis
● Knowledge of Advanced Persistent Threat (APT) actors and their Tactics, Techniques,
and Procedures (TTPs)
● Experience applying threat hunting techniques to track attack patterns to malware
variants to uncover previously undetected adversary behavior
● Endpoint protection deployment, operationalization, troubleshooting, training experience
● Experience as a Security Incident Responder or SOC analyst/manager
● Familiarity with cloud technologies, providers (GCP, AWS, Azure), use-cases
● Time to Value - Analyze customer requirements, provide guidance & assistance
throughout the customer lifecycle to ensure a quick and successful product deployment
● Product Expert - Act as the product SME, working together with product and engineering
teams ensuring our customers and partners get the most out of our products
● Drive Product Adoption - Continuous contact with customers to expand adoption of our
product by utilizing new features and developing additional innovative use cases
● Networking experience in TCP/IP, OSI Model, troubleshooting, analysis
● Experience in customer-facing roles
● Familiarity with machine learning and its various applications within cybersecurity
● Familiarity with the different enterprise security and IT products, processes, and
ecosystem
● Threat hunting and detection engineering experience of tuning alerts, development of
custom BIOCs, and development of correlation rules for new log sources
● Experience with log ingestion and parsing rules for XDR
● The ability to develop and maintain scripts in Python or Powershell is a plus
● Familiarity with XQL, SQL, or a query scripting language
● Experience with SIEM tools, such as Splunk
● Familiarity with XDR APIs
● Basic Linux system administration & troubleshooting experience
● Ability to work under pressure and prioritize tasks accordingly

Job Type: Contract

Pay: $65.00 - $75.00 per hour

Expected hours: No less than 40 per week

Application Question(s):

• Are you comfortable working on W2?
• Are you legally authorized to work in the United States, US Citizen?
• Are you willing to work on a contract basis?
• How many years of experience do you have with XDR/Xpanse?
• How many years of experience do you have with Palo Alto?
• How many years of experience do you have with Attack Surface Management or a related field in cybersecurity (eg, discovery methods, port scanning, vulnerability management, etc)?
• How many years of experience do you have as a Security Incident Responder or SOC analyst/manager?
• How many years of experience do you have with Advanced Persistent Threat (APT) actors and their Tactics, Techniques, and Procedures (TTPs)?
• How many years of experience do you have with python?
• How many years of experience do you have with Endpoint protection deployment, operationalization, troubleshooting, training?

Work Location: Remote