Highland Defense is a cybersecurity firm specializing in defensive cybersecurity products and services for Fortune 500 companies. We are expanding our passionate team of cybersecurity operatives and innovators. If you are a junior or senior security technologist and want to push the limits of cyber defense, please consider applying.


JOB TITLE

ENTERPRISE SECURITY NAVIGATOR

JOB SUMMARY

The Enterprise Security Navigator plays a key role in keeping Highland Defense clients safe from cyber threats. This position is responsible for working with Highland Defense clients (security leaders, managers, analysts, threat hunters and engineers in some of the world’s largest companies) to optimize their security operations and maturity through people, process, and technology.

ESSENTIAL FUNCTIONS

  • Evaluate current security tools and controls for efficacy.

  • Evaluate Splunk, security data, and configurations in client environments.

  • Consult with Highland team members and client team members to identify problems and opportunities for improvement.

  • Formulate and execute priorities and plans based on findings and consultations with the customers.

  • Apply security and technology knowledge, enabling clients to achieve their most important operational and strategic security initiatives.

  • Configure and tune Highland Security applications inside customers' Splunk environments to achieve the same.

REQUIREMENTS

Education

Preferred: 2-year technical degree or higher

Minimum: High School Diploma

Work Experience

Preferred: 3+ years’ experience in an offensive and/or defensive cyber operations role (e.g., Red Team, Threat Hunting, Incident Response, SOC Analyst, Penetration Tester)

Minimum: 3 years in Enterprise IT

Licenses & Certifications

Preferred: Advanced Splunk Certifications

Minimum: Splunk Core Certified User

Required Knowledge, Skills & Abilities

  • Experience with collection, processing, and analysis of indicators.

  • Experience with creation, validation, and deployment of correlation rules for SIEMs, signatures or rules for EDR/IDS/IPS/NGAV/NGFW.

  • Strong understanding of security principles such as attack frameworks, threat landscapes, attacker TTPs, etc.

  • Strong knowledge of network communications, routing protocols, regulatory standards and compliance requirements, and common internet applications/standards.

  • Demonstrated ability to self-direct with minimal supervision to achieve assigned goals.

  • Teamwork and ability to promote a working environment that increases collaboration, predictability, transparency and promotes a culture of experimentation, innovation, and taking risks.

  • Proven ability to effectively communicate findings and mitigation strategies to stakeholders and develop comprehensive and accurate reports and presentations for both technical and executive audiences.

Physical Requirements

  • Ability to work in a typical office environment involving exposure to fluorescent lighting, potential ink fumes, contact with synthetic materials and air conditioning.

  • Ability to sit and/or stand for 8 hours.

  • Ability to type at a computer for 8 hours.

Location & Travel Requirements

Position is primarily remote work, but up to 20% travel may be required for customer and company in-person meetings when health-related travel restrictions are lifted.