Senior Threat Intelligence Engineer

Posted Date: Sep-27-2017

Job ID: 8865

Job Type: Full Time

Job Function: Information Technology

City: Bellevue

State: Washington


What's cool about this job

As the Senior Threat Intelligence Engineer, you’ll be a Red Team member working through deep intelligence exercises such as capture the flag to enumerate security gaps and business logic breakdown. You’ll work closely with the Blue team to understand threat vectors, security vulnerability and assess breach responsiveness. 
 
If you enjoy bringing visibility to vulnerable areas in both infrastructure and application security through table top exercises and working with the developers, this is the perfect role for you. You’ll work closely with the business analytics teams assessing new design, strategic architecture while building threat models and data flow diagrams. You’ll also understand how to evolve and evade counter measures, utilizing your knowledge in network and architectural dependencies and frameworks.

Responsibilities:
  • Utilizes tactics employed by cyber threat actors to proactively assess our ability to detect, react, and adapt to attacks.
  • Assists in the creation of workflows, procedures, and software development lifecycle integration points to insure that all REI developed code is accurately tested for security defects and continuously enhanced.
  • Documents and tracks defects from discovery to remediation.
  • Assists in the deployment of technology solutions that integrate with REI SDLC methodologies enabling development teams to discover and resolve security defects.
  • Develops testing methods and measurement techniques specifically tailored to REI's commerce systems.
  • Utilizes internal and external threat, indicator of compromise, and vulnerability data to iteratively adjust program methods, tools, and focus.
  • Actively engages REI development teams and builds relationships with key contributors/communicators to effectively execute the Application Security Program goals.
  • Assists in the refinement of the application penetration testing framework, including deliverables, custom script development, testing methods and techniques, and ongoing research

Bring your passion and expertise

  • 7+ years’ professional experience in cloud-based or online services security engineering, or service engineering.
  • 7+ years’ experience in cloud-based or online services Compliance related activity
  • 7+ years’ experience in design and rollout of Blue-Red team table top exercises in an Enterprise distributed computing environment
  • 6+ years’ experience creating a reusable security framework working with Corporate security and broader corporate programs
  • Has worked or been part of an online service compliance team for more than 5+ years and has completed more than 2 annual audit cycles.
  • Able to form working relationships and drive alignment with diverse stakeholders.
  • Able to drive multiple parallel projects in different phases at the same time, and has been involved in at least 3 Cloud-based/online services scale projects
  • 8+ years’ experience in design, and architecting an Active Directory paradigm and ecosystem, including supporting tools
  • 5+ or more years’ experience in working on large-scale online cloud based services.
  • Experience and understanding of cyber security in one or more of the following disciplines: network engineering, Windows Server, SQL Server, Active Directory, public key infrastructure, web applications. 
  • Preferred to have certifications in one or more of the following disciplines preferred: CISSP, networking, Microsoft Windows Server, Microsoft SQL Server, Information Security.
  • Familiarity with MOF or ITIL preferred.
  • BS or BA in Computer Science, Information Systems, Information Technology or a related field or equivalent experience is preferred.

Why you'll love it here

REI Information Technology is a team of creative and smart technologists who work in a collaborative environment to build business value through technology. And, we have the support of a great company to tackle some pretty dynamic challenges that will keep REI relevant for years to come.

At REI we offer an enviable work environment that has been recognized on the "100 Best Companies to Work For" list since the award's inception – 20 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.

With more than 140 retail locations (and growing), REI offers unique competitive benefits to its more than 12,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.

REI is an Equal Opportunity Employer

NEW YORK CORRECTION LAW
ARTICLE 23-A, Section 753
LICENSURE AND EMPLOYMENT OF PERSONS PREVIOUSLY CONVICTED OF ONE OR MORE CRIMINAL OFFENSES

§753. Factors to be considered concerning a previous criminal conviction; presumption.

1. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall consider the following factors:

(a) The public policy of this state, as expressed in this act, to encourage the licensure and employment of persons previously convicted of one or more criminal offenses.

(b) The specific duties and responsibilities necessarily related to the license or employment sought or held by the person.

(c) The bearing, if any, the criminal offense or offenses for which the person was previously convicted will have on his fitness or ability to perform one or more such duties or responsibilities.

(d) The time which has elapsed since the occurrence of the criminal offense or offenses.

(e) The age of the person at the time of occurrence of the criminal offense or offenses.

(f) The seriousness of the offense or offenses.

(g) Any information produced by the person, or produced on his behalf, in regard to his rehabilitation and good conduct.

(h) The legitimate interest of the public agency or private employer in protecting property, and the safety and welfare of specific individuals or the general public.

2. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall also give consideration to a certificate of relief from disabilities or a certificate of good conduct issued to the applicant, which certificate shall create a presumption of rehabilitation in regard to the offense or offenses specified therein.