Equifax, Inc.

Apply for this job

Cyber Threat Detection Engineer (Finance)



Equifax seeks a Cyber Threat Detection Engineer to provide incident response guidance and analytic capabilities to an enterprise-wide cybersecurity program. The position will include a robust assortment of security initiatives that support the global security team.
  • This position does not offer immigration sponsorship (current or future) including F-1 STEM OPT extension support.
  • This position can be based in Alpharetta, GA, Midtown / Atlanta, GA OR Reston, VA. This resource should be local to one of these locations and will be required to work from one of those locations.
  • Corporate Return To Office expectations: Onsite weekly requirements each Tuesday, Wednesday, and Thursday each week.
  • Due to the nature of service management / security based positions, this role will require additional onsite responsibilities during the week (Monday and / or Friday) as needed, occasional work outside normal business hours, & possible travel (10% or less), due to the nature of investigations responsibilities.

What you'll do
  • Create and implement detection and prevention controls using a range of security tools (SIEM, DLP, IPS/IDS, EDR)
  • Management and implementation of network and security tools to support incident response
  • Implement controls to identify new attack TTPs and mitigation techniques in support of daily operations
  • Compile metrics and reports in support of SOC program objectives and priorities
  • Develop and refine use-case scenarios for new and existing analytical tools
  • Support SOC-specific activities for the day-to-day operations
  • Work with internal subject matter experts (SOC/Threat Resistance/Investigations) to aid in interdicting active threats
  • Enrich team value by sharing knowledge

What experience you need
  • Bachelor's degree in Cyber Security, Computer Science, or a related field or equivalent work experience
  • 5+ years of general Information Security experience required
  • Will have experience working in a cyber security operations (SOC), CIRT, or Cyber Intelligence team performing incident response, threat hunting, and/or network and system monitoring.
  • Technical knowledge in developing detection content utilizing a wide range of security tools including SIEM, EDR, IPS/IDS, DLP, and/or SOAR.
  • Working knowledge of tools used for network security (DLP, NIPS, HIPS, AV, Firewalls, etc.)

What could set you apart
  • Post-graduate degree or Technical certifications (CISSP, CCNA, GCIA, GCIH, etc.) preferred but not required
  • Thorough understanding of network protocols
  • Strong understanding of *nix and Windows operating system functionality
  • Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies, and risk
  • Strong research, analytic, writing, and briefing skills.
  • Demonstrated flexibility, initiative, judgment, and discretion.
  • Willingness to learn new tools and processes and proven track record of learning new technologies, methodologies, and skills.

#LI-Hybrid

#LI-JC2 Apply

Apply Here done