MDR Threat Architect - GTO
Trustwave Holdings, LLC
Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.
Description: The MDR Security Architect provides operational and architecture direction for a team that responds rapidly to triage a diverse set of global security issues, assesses their impact, and implements response actions to protect critical business assets with a sense of urgency. We are seeking an experienced security leader for Trustwave's GTO organization to lead content development, develop platform and SOAR requirements, and evaluate new security technologies.
Candidates must be familiar with multiple facets of the Managed Security Services industry including services portfolios, scalable multi-user infrastructures, operations, SIEM use case development, and active response to contain and mitigate threats. Candidates must have a strong customer-first attitude, triage issues quickly, and drive a culture of continuous process improvement.
Skills & Knowledge Requirements: Must have skills/knowledge in some of the following:
- Experience and expertise with deployment, baseline, management, monitoring, and optimization of security technologies
- Expertise optimizing cyber threat intelligence for an enterprise environment
- Understanding of the MITRE ATT&CK Enterprise Matrix and development of custom use cases based on the TTPs it describes
- SOC Operations / Management
- Security Information and Event Management (SIEM)
- Unix / Linux and Windows system administration
- Information security best practices & network security architecture
- Signature-based security products
- Current exploit and remediation techniques
- TCP/IP networking
- Vulnerability Scanning technologies
- Log collection and analysis tools
- Threat Intelligence
- Incident Response / Forensics
- Payment Card Industry (PCI) Standards
Desired experience:
- 5+ years team leadership experience
- 5+ years MSS or multi-tenant enterprise security experience
- 5+ years of experience in a security operations center or similar environment
- 5+ years of experience with SIEM administration and use case development
- 3+ years of experience with developing metrics and implementing organizational change
- 3+ years of experience supporting operational escalations or processes
- 3+ years of experience with network-based security controls
- 3+ years of experience with endpoint protection security controls
- 2+ years of experience with SOAR or workflow optimization platforms
- Experience conducting technical operations in a fast-paced, multi-disciplined, distributed-responsibility and often ambiguous environment
- Ability to apply critical thinking in complex situations; experience working in cross functional groups including SW engineering, Networking, and infrastructure
- Experienced in gathering requirements and developing operational requirements for custom tools
- Able to independently influence and resolve conflicts with others
- Exposure to process improvement and/or quality control tools and methods
- Excellent written and verbal communication skills
Required:
- English: Demonstrated Fluency
Desired:
- Bachelor's degree in a security discipline or related field, or 2+ years of college and 10+ years of security experience
Education:
We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.
PI128348067
Posted: 2021-01-07 Expires: 2021-02-07