About Thermo Fisher Scientific
Thermo Fisher Scientific Inc. (NYSE: TMO) is the world leader in serving science, with revenues of more than $20 billion and approximately 65,000 employees globally. Our mission is to enable our customers to make the world healthier, cleaner and safer. We help our customers accelerate life sciences research, solve complex analytical challenges, improve patient diagnostics, deliver medicines to market and increase laboratory productivity. Through our premier brands - Thermo Scientific, Applied Biosystems, Invitrogen, Fisher Scientific and Unity Lab Services - we offer an unmatched combination of innovative technologies, purchasing convenience and comprehensive services.
This position is accountable for defending the enterprise against network intrusion activity originating from criminal and nation state adversaries. It is focused on ensuring effective execution of operational workflows, analytical completeness, enhancing tradecraft, and implementing resilient countermeasures.
Support the Threat Management Center (TMC):
o Provide top-tier support for all SOC Analysts
o Assist Security Engineering and Architecture in the development, augmentation, and improvement of SOC tool sets.
o Provide recommendations for remediating vulnerabilities discovered while carrying out duties.
- Bachelor’s Degree in Information Security, Cyber Security or equivalent work experience acceptable
- Relevant technical certifications a plus
- 4+ years of combined experience in cybersecurity architecture, security engineering, security operations or related fields
- 8+ years of overall IT related experience
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of executives, managers, and subject matter experts
- Must be proactive, creative, and possess strong analytical skills
- Thorough understanding of current malware and malware delivery techniques used by both Criminal Actors and Nation States.
- Broad knowledge in Network and Endpoint Intrusion Detection/Prevention technologies
- Experience with Splunk Enterprise and Enterprise Security
- Experience creating customized security log analysis and detection capabilities using programming and development expertise, including Java, Python, Shell scripting, and regular expressions
- Analyze existing and emergent cyber threat activities and develop content (threat advisories, blogs, product content, etc.) that benefit our customers and encourage general Internet safety.
- Create new, and utilize existing, sources of intelligence (OSINT, security working groups, etc.) to build a better understanding of emerging threats and actor TTPs.
- Identify, develop, and utilize research methods for identifying unknown actors, trends, and campaigns.
- Familiar with IOC collection, validation and distribution through many different platforms
- Must be fluent in all major operating system platforms (Windows, Linux/Unix, Mac)
- Must have a solid understanding of hosted and cloud virtual environments (vSphere, Hypervisor, AWS, Azure, etc.)
- Strong attention to detail and organizational skills
- Tactical threat analysis experience
- GCIH, GCFE, GCFA, GREM, GNFA, GCIA or related certification(s) desired