Information Security Specialist - Threat Detection at The Judge Group Inc. in Phoenix, Arizona

Job Description:

Location: Phoenix, AZ

Salary: $125,000.00 USD Annually - $175,000.00 USD Annually

Description: Our client is currently seeking a Information Security Specialist - Threat Detection to join their growing team protecting one of the world largest, most heavily secured enterprise environments.


This job will have the following responsibilities:

• Collaborate with the Cyber Threat Intelligence team to identify and mitigate active or emerging threats targeting American Express.


• Conduct basic threat modeling of common environments to pinpoint threat detection opportunities across the MITRE ATT&CK framework.


• Partner with platform owners and Cyber Data Engineering to identify necessary telemetry for developing threat detection mechanisms.


• Perform in-depth analysis of logs and malicious artifacts.


• Analyze large datasets to detect trends and anomalies indicative of malicious activities.


• Develop, document, and maintain custom detection queries.

Qualifications & Requirements:

• 7+ years of experience in Incident Response, Threat Detection, or Threat Hunting.


• Extensive exposure to endpoint detection principles, network security principles, and advanced rule writing.


• Hands-on experience in a Security Operations Center (SOC) or security engineering environment.


• Excellent communication skills and the ability to work effectively in a team and fast-paced environment.


• Thorough knowledge of information security components, principles, practices, and procedures.


• Analytical approach with familiarity in solving complex security problems.


• Understanding of Operating System internals and the ability to analyze malicious code, scripts, and exploits.


• Experience analyzing logs and events from endpoint and other security solutions.


• Knowledge of network principles, topology, protocol behavior, and security devices (IPS, IDS, HIPS, firewall).


• Understanding of authentication principles and technologies, including Active Directory and RACF.


• Ability to evaluate threat intelligence and identify TTPs for detection mechanisms at both host and network levels.


• Expert knowledge in threat detection and intuition, with a deep understanding of malicious network traffic.


• Ability to analyze data from various sources and correlate it to meaningful security events.


• Advanced rule/query writing experience in at least one SIEM.


• Understanding of content testing, implementation, and revision cycles.


• Programming experience in at least one scripting language.


• University degree in computer science, computer engineering, or a related field, or equivalent experience.


• Preferred certifications: GCIA, GCDA, CISSP, or similar.

Contact: bjohnson@judge.com


This job and many more are available through The Judge Group. Find us on the web at www.judge.com Apply Now