• Forcepoint
  • $99,225.00 - $153,280.00/year*
  • Boston, MA
  • Law Enforcement
  • Full-Time

Forcepoint is transforming cybersecurity by focusing on what matters most: understanding people's intent as they interact with critical data and intellectual property wherever it resides. Our uncompromising systems enable companies to empower employees with unobstructed access to confidential data while protecting intellectual property and simplifying compliance. Based in Austin, Texas, Forcepoint supports more than 20,000 organizations worldwide. For more about Forcepoint, visit www.Forcepoint.com and follow us on Twitter at @ForcepointSec.

About the Role

This position is a Detection Engineer role within our Analytics Engineering Group, which is responsible for ingesting, processing, storing, and analyzing cybersecurity and intelligence data. In this role, you will leverage your deep knowledge of incident response, behavioral analytics, malware, insider threats, digital forensics, penetration testing, reverse engineering, and intelligence to extract meaningful indicators and detections from raw data. If you know what the terms stacking and pivoting mean, and you've looked through millions and millions of security logs in your career, then this role is for you. You'll be reporting directly to the VP of Analytics Engineering, and will be responsible for advising a 50+ person team of developers on cybersecurity detection methodologies at the tactical level. You will productize your work by creating tactical detections within the Python framework of an analytics engine. You'll be an industry expert at turning cybersecurity intelligence and research into tactical detections. You'll create and test your detections in a mini-lab built/operated by you, and will stay current on evolving threats. You are the translator between raw logs and tactical detections. Typical tasks will include:

* Engineering tactical detections within an analytics engine
* Scripting in Python
* Exploratory Data Analysis (EDA)
* Translating tactical threat research into engineered solutions
* Engineering intelligence data to extract context and meaningful detection opportunities
* Applying experience in penetration testing, reverse engineering, or DFIR to create detections
* Application of Behavioral Analytics to detections
* Developing features for machine learning use

The ideal candidate:

* You're fun, positive, passionate, pro-active, and driven
* Ideally, you are an L3 analyst who has 7+ years of stacking, pivoting, and investigating threats on an incident response team or SOC
* You are comfortable extracting meaning from security tool logs, and are an absolute expert in understanding security telemetry from any source
* You have significant experience with SIEM, UEBA, IPS/IDS, NGFW, proxy, email, Linux, Windows (Sysmon + Windows Security event logs), threat intelligence, DNS, application, OS, NetFlow, and other security and network log telemetry
* You've done at least one of these at some point in your career: pen testing, malware reverse engineering, or creating custom detections in your SIEM or another tool
* You have knowledge of behavioral analytics and the detection methodology used in UEBA
* Your Python is decent, and if not, you're willing to learn
* You have an interest in cybersecurity applications of ML
* You want to play in the tactical detection world without the stress of IR

About the Boston Office

The Forcepoint Boston Office is located in the historic Seaport District. Just steps away from numerous historic sites, the Seaport District offers many parks, waterfront walking/running paths, amenities, dining options, and incredible views of Boston Harbor and the Atlantic Ocean. The office is located a half-block from the Silver Line T train, and a 10-minute walk to South Station. FP's new Cyber Experience Center in the Boston Seaport is a beautiful, brand-new renovation of a historic building that creates an epic workspace conducive to innovation excellence.

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.