- Starting salary will be based on experience and credentials
- Information Technology
- Chicago, IL, USA
At Dyson, we demand the highest standard of performance from the technologies we engineer. Our people expect the same from the technology that supports them. We are a community that appreciates and advocates better engineering. A community of pioneers.
It’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We use pragmatic approach to transform cyber security to enhance our business resilience to better manage potential cyber disruption. We invest new cyber security capabilities and leverage our strong cyber security ecosystems to tackle future threats.
The Cyber Defense Team are the beating heart of Dyson’s Cyber Fusion Center capabilities. They ensure Cyber Security incidents are managed timely and efficiently across all of our global locations.
About the roleYou'll be a leader in our 24x7 Cyber Defence team. We are global team with presence in USA, UK, EU and APAC.
You will help the wider analyst team perform alert monitoring, incident response, investigation and research on existing and emerging cyber threats. The position focuses on leveraging your understanding of the tactics, techniques, and procedures employed by advanced threats combined with intelligence from multiple sources to respond to a range of different and complex incidents.
You are the defenders of the Dyson network, the guardians or our secrets.
Our Cyber Defense team is tasked with identifying and addressing threats to the business utilizing a range of tools and technologies. The senior members of our Cyber Defense team are specialists in a number of areas with particular focus on network and endpoint forensic capabilities. We exist to ensure Dyson staff can innovate in a safe environment allowing Dyson to deliver exciting technology to the market before our competitors.
We would like candidates to demonstrate experience in:
- Delivering an enterprise level service where you have identified attacks, intrusions, unusual or illegal activity and acted in line with an incident management or response plan.
- Acting as a leader within a SOC environment, develop non-senior members of the team and challenge existing approaches with a view to delivering greater efficiency.
- Working in a close-knit team but with an ability to take the initiative to deliver innovative approaches.
- Own and author SOC playbooks, ensured they are followed and that they are regularly reviewed to identify better ways of working.
- Reviewing new technologies, working on proof of concepts and helping to decide the future technology stack of a SOC.
- Utilizing a range of intelligence sources to hunt for threats across an infrastructure. Taking the lead in threat hunting and training junior members of the team to help them develop in to seasoned Cyber Defense Analysts.
- Identifying opportunities to automate response to alarms, helping to drive maximum efficiency in a SOC to ensure time and resource availability to identify the true threats.
- Staying up to date with current security trends, attack approaches, campaigns and APT groups with a view to utilizing that knowledge while identifying threats to the business.
About youWe are looking for team members with an exceptional track-record of delivering security to a range of business types and sizes. You’ll bring the following:
- Expert knowledge and hands-on management of a SIEM/SOAR tools including the ability to analyse business practices, derive security use-cases and build alarm rules to cater to them.
- Strong knowledge of cyber threat hunting, advanced attack vectors and using cyber intelligence to proactively discover threat behavior.
- Strong knowledge in network and host-based security as a minimum as well as experience in web application security and client-server application security.
- Strong knowledge of approaches to exploiting Windows, Mac OS and Linux operating systems.
- Significant experience of utilizing a range of SOC technologies such as Endpoint Detection and Response tools (for example Carbon Black, Crowdstrike, Cybereason), Email Security Gateway (for example Symantec Email Security, Cisco Ironport), Web Security Proxy (for example Zscaler, Websense, Barracuda).
- Expert knowledge of a range of log types and headers with particular focus on email headers, IIS logs, AD logs etc.
- Practical knowledge of industry standard frameworks such as ISO 2700x, NIST, ITIL, etc.
- Experience of securing organisations in line with industry best practices such as CIS, SANs, OWASP, CSA.
- Knowledge of industry regulations such as PCI DSS, GDPR, China CSL, etc.
- Experience of a range of open source tools, technologies and sites for extending analysis capability (for example Wireshark, VirusTotal, Hybrid Analysis, Cuckoo, MISP etc.).
- Ability to translate and distill complex technical information across all levels of the organisation as required for the audience.
BenefitsAt Dyson, how we reward you is linked to our high-performance culture. But it’s about more than salary and bonus. Through a package of financial, lifestyle and health benefits, we support whatever stage of life you’re in and the moments that matter.
- 401K with up to a 4% match
- Company paid Life Insurance and AD&D
- Flexible Savings Account (FSA) and Health Savings Account (HSA)
- Competitive Paid Time Off Benefits including Separate Holiday, Sick, and Vacation Time
- Pre-tax Commuter Benefits (applicable areas only)
- Generous Child Care Leave Program
- Wellness Program
- Employee Assistance Program
- Generous Dyson Product Discounts
- Multi-Level Healthcare Coverage Options
- Vision & Dental Coverage
- Company paid Short-Term and Long-Term Disability
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.