Position Summary
Applied Materials, Inc. is the leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world.
The Information Security threat landscape continues to become increasingly complex and requires constant vigilance to secure a large, global enterprises. Applied has an exciting opportunity to join a world-class information security team, working with a global team and external agencies to protect Applied Materials.
This position will is open to remote work in various locations across the US. Candidate will be responsible for leading Incident Response, administration, maintenance, and integration of multiple security platforms for security operations. Responsible for technical analysis, assessment and recommendations in the areas of real-time security situational awareness, operational network & Identity management system and applications systems security monitoring
Key Responsibilities:
Lead security incident response in a cross-functional collaboration environment driving towards incident resolution
Develop IR initiatives that improve our capabilities to respond and remediate security events faster
Perform forensic analysis of digital information
Validating the ingestion of log sources and maintaining the flow of required logs to the SIEM
Contributing to the configuration and maintenance of security operations controls such as antivirus, application whitelisting, Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), and Security Information and Event Management (SIEM) and Security Orchestration and Automation Platforms
Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify and investigate potential threats
Build automation for identification, response, and remediation of malicious activity
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
Work with Computer Security Incident Response Team (CSIRT) to manage & contain information security incidents and events to protect company IT assets, Intellectual Property, and company's reputation
Respond to advisory service requests to address and drive thru for closure as needed.
Perform technical research into advanced, targeted attacks, crimeware campaigns, malware and other emerging technologies and techniques to identify and report on cyber-attacks and attackers
Perform proactive research to identify, categorize and produce reports on new and existing threats
Supply actionable recommendations to other teams within Applied Materials, to bolster cyber security efforts
Display strong technical aptitude with: IT Security, Enterprise Firewalls, Intrusion Detection and Prevention, Antivirus, Web and Email Security, Server and application monitoring, Windows and Linux based Web Services
Skills Requirement:
Bachelor's degree or equivalent experience in Security
Knowledge of networking technologies, specifically TCP/IP and the related protocols
Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.)
Experience with attacker tactics, techniques and procedures
10+ years of experience in cyber security
Strong problem-solving and analytical skills, initiative, eagerness to learn, improve, and ability to work independently within a team structure
Background in malware analysis, intrusion detection, and/or threat intelligence
Experience threat hunting, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: Logs and events processing, Incident Management, Detection and/or response tool development
Previous experience in a Security Operations Center (SOC) & MITRE Framework
Experience analyzing network and host-based security events
Preferred certifications CISSP, CCSP, GSEC, ISSAP, GCIH
#LI
Qualifications
Education:
Bachelor's Degree
Skills
Certifications:
Languages:
Years of Experience:
4 - 7 Years
Work Experience:
Additional Information
Travel:
Yes, 10% of the Time
Relocation Eligible:
No
Applied Materials is an Equal Opportunity Employer committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.
