Global enterprise is expanding its detection and response team
Their control plane is excellent; this isn't an environment that's on fire every day. It's certainly not boring: there is plenty to do, but you won't be going around in circles.
This role is all about improving techniques: improving investigation techniques, creating better relationships with different technology groups, proactive threat hunting, looking for adversaries, and building detections. They are also introducing purple teaming this year and will rotate people through that.
Their control owners and tech service owners do a basic level of monitoring - they've eliminated tier 1 SOC.
They are not worried about brute force or failed logins. Email, firewalls, etc. are going to prevent 99% of attacks without doing anything. Anything that gets past that is either a fluke or an advanced threat actor - that's where
... Click here to view more detail / apply for Cyber Threat & IR