Sr. Engineer, Detection & Response
Santa Monica California 90405 United States of America
Job Title: Sr. Engineer, Detection & Response
Reporting To: GIS Operations Lead
Department: Global Information Security
Location: Santa Monica, CA
Activision Blizzard plays a centralized role in the creation of epic entertainment by supporting our interactive gaming brands and studios with a diverse range of career opportunities across corporate functions such as Marketing, Communications, Legal, Human Resources, Finance and Supply Chain. Located in our global headquarters in Santa Monica, we encompass equal parts agility, creativity and rigor to enhance the employee and player experience. To learn more, check us out at www.activisionblizzard.com or on Twitter at @ATVI_AB.
The Sr. Engineer, Detection & Response is a highly technical role and an in-house subject matter expert who diligently assists with the improvement of information security across the organization by understanding the threats it faces. Primary responsibilities include, but are not limited to: intrusion analysis, incident handling, digital forensics, developing thorough incident reports, and technical security research. The analyst will be responsible for leveraging security-related data from internal ‘sensors’ (e.g. SIEM, firewalls, IDS, routers, proxies, hosts, etc.) and external sources (vendors, industry working groups, law enforcement, etc.) to implement effective mitigations, and for reviewing appropriate data sources for indications of adversarial activity. This role reports into the Global Information Security team and maintains strong relations with all Line of Business technology groups. This person will work closely with a number of key individuals and teams to investigate and forensically examine potentially compromised systems, as well as to identify, alert on, and respond to information security incidents to mitigate them.
Responsibilities include, but are not limited to:
- Assists with incident management response and analysis services on behalf of the Information Security function as a primary member of the computer security incident response team (CSIRT), including Tier 1 through 3 analysis for the full scope and lifecycle of incident response (i.e. identification through closure including post-mortem and lessons learned) following industry established best practices in addition to being in accordance with Company-specific policies and standards
- Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc.
- Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc.
- Reconstruct events of a compromise by creating a timeline via correlation of forensic data
- Malware analysis and other attack analysis to extract indicators of compromise.
- Reviewing audit trails for unauthorized access attempts or other information security violations
- Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks
- Analyze previously unknown malware utilizing static and dynamic methods to determine its behavior and impact on endpoints as well as build a list of indicators of compromise
- Expectation of off-hours support, responsiveness and availability in response to critical security-related incidents, material developments which could create risk to the Company, known threats, etc.
- Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.
- Some international travel required
- Demonstrated and continued involvement within cyber security-specific communities at any scale (e.g., groups, organizations, conferences) or equivalent activity that seeks to maintain small and large scale awareness of major security topics and events
- Demonstrated exceptional passion and drive for cyber security as evidenced by self-driven past accomplishments that had significant positive impact to shareholders or security community
- Strong host and network based forensics skills.
- Effective technical skills to understand the ramifications of various system security recommendations and decisions
- Experience conducting detailed log analysis and correlation
- Hands-on malware analysis experience – dynamic and static
- Good understanding of SIEMs and similar technologies
- Knowledge of industry good practice for foundational security elements including network device and system-level hardening.
- Ability to assess security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact
- Excellent oral/written communication, problem solving and analytical skills
- Ability to work independently and as part of a team to achieve desired objectives and project results
- Ability to interface effectively and decisively with all levels of management, departments and outside vendors.
- Ability to identify both tactical and strategic solutions.
Activision Blizzard, Inc. (NASDAQ: ATVI), is one of the world's largest and most successful interactive entertainment companies and is at the intersection of media, technology and entertainment. We are home to some of the most beloved entertainment franchises including Call of Duty®, World of Warcraft®, Overwatch®, Diablo®, Candy Crush™ and Bubble Witch™. Our combined entertainment network delights hundreds of millions of monthly active users in 196 countries, making us the largest gaming network on the planet!
Our ability to build immersive and innovative worlds is only enhanced by diverse teams working in an inclusive environment. We aspire to have a culture where everyone can thrive in order to connect and engage the world through epic entertainment. We provide a suite of benefits that promote physical, emotional and financial well-being for ‘Every World’ - we’ve got our employees covered!
The videogame industry and therefore our business is fast-paced and will continue to evolve. As such, the duties and responsibilities of this role may be changed as directed by the Company at any time to promote and support our business and relationships with industry partners.
Activision is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law and will not be discriminated against on the basis of disability.