News Corp
Cyber Security, Principal Incident and Threat Response Engineer
News Corp, Washington, DC
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets
Job Description:
Cyber Security, Principal Incident and Threat Response Engineer
Team: News Corp - Cyber Defense
As a Cyber Security, Principal Incident and Threat Response individual you will play a key role
within our Cyber Defense team. This work includes effectively handling cyber security events and
incidents, investigation and response to incidents, documentation and communication of
relevant incidents to appropriate stakeholders, developing response plans, and conducting
exercises to test response plans.
Primary objectives for the role will be to minimize the impact of active security incidents through
innovative approaches to incident response and to minimize the probability of security incidents
through proactively improving our ability to prevent, detect, disrupt, investigate, respond to, and
recover from those cyber risk events.
Responsibilities
• Lead internal incident response engagements to understand, mitigate and remediate
threats and risks impacting News Corp Business Units.
• Perform complex incident response technical analysis and develop technical conclusions
based on analysis of evidence; review analysis and conclusions of other team members.
• Monitor for and investigate internal and external threats leveraging best-of-breed
technologies.
• Contribute to the Security Mission - correlating multiple data sources, analyzing the facts,
determining best remediation strategy, and remediating until the incident is contained
and resolved.
• Set standards for the documentation of activities during an incident, creation of security
incident reports, and for conducting post-incident reviews.
• Drive continuous improvement through active collaboration with threat simulation,
vulnerability management, and security architecture teams.
• Spearhead the development of innovative approaches to detect, respond to, and
eradicate advanced threats; improve overall time to respond and eliminate threats; and
increase effectiveness of analysts, including, but not limited to integration of innovative
methodologies to understand attacker behavior, adoption of automation to support
decision analysis, and implementation of orchestration.
• Mentor team members, junior and senior, in state-of-the-art incident response practices.
• Communication (both written and verbal) of incidents to appropriate stakeholders;
targeting discussions to appropriate technical depth dependent on the audience.
Skills
The ideal Principal Incident Response Engineer will have a proven track record of working within
the Security Incident Response space. A broad range of Cloud Security expertise is of interest.
This role is looking for practical experience (hands-on) in most of the following areas:
• Familiar with tactics, techniques, and procedures commonly employed by threat actors,
and their motivations
• Strong technical communication skills (oral and written) including experience briefing
executive management and desire to work with clients to solve complex security issues,
including at times in crisis situations
• Experience briefing senior-level leadership, and conveying technical subject matter to
audiences of varying backgrounds and skill levels
• Full-stack knowledge to understand modern attacks that involve networks, infrastructure,
compute and applications
• Familiarity with scripting/developing in modern languages like Python, Go, Ruby
• Understanding of modern application architectures (serverless, mobile, distributed...)
• Demonstrated experience in Cloud IR as a senior security support engineer or SOC
Engineer / Analyst
• Public/Private Cloud Experience (AWS, Azure, Google Cloud, VMware)
• In-Depth OS Experience (RHEL, Ubuntu, Windows Server)
• Understanding of host-based security and tooling
• Ability to identify network attacks and systemic security issues as they relate to threats
and vulnerabilities, with focus on recommendations for enhancements or remediation
• Strong analytical skills/problem solving/conceptual thinking/attention to detail.
• Ability to work effectively with peers and multiple levels of management.
• Well organized, thorough, with the ability to balance and prioritize competing priorities.
• Excellent verbal and written communication skills across multiple levels of the
organization.
• Highly self-motivated with the ability to identify areas of focus and tackle new challenges
with or without direction
Experience
• Multiple years of cyber security experience.
• Preferably 5 years specializing in incident response and system monitoring and analysis,
leading investigations and coordinating security response team activities.
• Bachelor's degree in computer science, information assurance, MIS or related field, or
equivalent work experience.
• Knowledge of multiple computing platforms, including Network, Windows, OSX, Linux,
Unix, networks and endpoints.
• Expertise using Security Correlation and Analytics platforms / SIEM platforms.
• Preferred certifications: GCFA, GCFE, CFCE, CDFE, CHFI or other forensic-related
certifications
Job Category:
Pay Range: 185000 - 210000
We recognize that attracting the best talent is key to our strategy and success as a company. As a result, we aim for flexibility in structuring competitive compensation offers to ensure we are able to attract the best candidates. The quoted salary range represents our good faith estimate as to what our ideal candidates are likely to expect, and we tailor our offers within the range based on the selected candidate's experience, industry knowledge, location, technical and communication skills, and other factors that may prove relevant during the interview process.
Pay-for-performance is a key element in our strategy to attract, engage, and motivate talented people to do their best work. Similarly to salary, for bonus eligible roles, targets are set based on a variety of factors including competitive market practice.
For benefits eligible roles, in addition to cash compensation, the company provides a comprehensive and highly competitive benefits package, with a variety of physical health, retirement and savings, caregiving, emotional wellbeing, transportation, and other benefits, including "elective" benefits employees may select to best fit the needs and personal situations of our diverse workforce.