Be part of something special; come join the BlackBerryGUARD team!
BlackBerry is revolutionizing cyber security with products and services that proactively prevent, rather than reactively detect, the execution of advanced persistent threats and malware. Our unique artificial intelligence (AI) approach – predicting and protecting against known and unknown malware, fileless attacks and zero-day payload execution – has been deployed for more than 3,400 forward-thinking customers securing 14.5 million endpoints. Our mission? To support every endpoint under the sun.
Are you who we’re looking for?
BlackBerryGUARD provides an active hunting solution to our customers 24 hours a day, 7 days a week. The Senior BlackBerryGUARD Analyst is the frontline of defence for customers of BlackBerryGUARD.
Working within the BlackBerryGUARD team, the analyst is responsible for reviewing BlackBerry product alerts to detect advanced threats that evade traditional security solutions as well as creating new detection capabilities to allow for proactive detection of compromised systems. You’ll ensure that new environments are set up to enable accurate and actionable reporting on identified threats. You’ll also participate in developing processes, procedures, training, etc. for new technologies. You’ll have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.
What you will do:
Be responsible for working in a 24x7 Security Operations Centre (SOC) environment
Provide analysis of BlackBerry product data and BlackBerry compromise assessment data
Provide Incident Response (IR) support and recommendations when analysis confirms an actionable incident
Investigate, document, and report on information security issues and emerging trends in the industry, in order to feed into the threat hunting element of the service
Coordinate with other analysts on activities impacting a diverse customer base
Integrate and share information with other analysts and other teams
Work with, train and mentor junior team members
Other tasks and responsibilities as assigned
Who we are looking for:
3+ years of experience in Information Security
3+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage
Deep understanding of the forensic artifacts within one of the following: Windows, Mac, and/or Linux
Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix.
Familiarity with Cylance Endpoint Protection Products (Desired)
Prior experience working in the following areas (Desired):
Computer Incident Response Team (CIRT)
Computer Security Incident Response Center (CSIRC)
Security Operations Center (SOC)
Experience with APT/crimeware ecosystems (Desired)
Programming/Scripting with Python, VB, PowerShell, and/or Go (Desired)
Familiarity with ELK: building searches, dashboards, and Logstash filters (Desired)
Above and beyond:
Bachelor's degree in Computer Science, Engineering or related field, or equivalent experience
Certifications such as OSCP, GPEN, GCFA, GCFE, GREM, GCNA, GCIH, or GCIA
Interested to learn more? We’d love to hear from you!