DISH is a Fortune 250 company with more than $13 billion in annual revenue that continues to redefine the communications industry. Our legacy is innovation and a willingness to challenge the status quo, including reinventing ourselves. We disrupted the pay-TV industry in the mid-90s with the launch of the DISH satellite TV service, taking on some of the largest U.S. corporations in the process, and grew to be the fourth-largest pay-TV provider. We are doing it again with the first live, internet-delivered TV service Sling TV that bucks traditional pay-TV norms and gives consumers a truly new way to access and watch television.
Now we have our sights set on upending the wireless industry and unseating the entrenched incumbent carriers.
We are driven by curiosity, pride, adventure, and a desire to win it's in our DNA. We're looking for people with boundless energy, intelligence, and an overwhelming need to achieve to join our team as we embark on the next chapter of our story.
Opportunity is here. We are DISH.
Job Duties and Responsibilities
The focus of the Cyber Security Threat Hunter is to proactively investigate security events in an effort to identify artifacts of a cyber-attack. They will also be expected to participate in several different areas within Security Operations and Incident Response process; these activities can include digital forensics, use case development, security control testing, and hunt plan development. The Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies. Working within the Security Analysis and Operations Team at Dish Network, the Cyber Security Threat Hunter is responsible for reviewing system log events and data packets to proactively detect advanced threats that evade traditional security solutions The Threat Analyst will ensure that new environments are identified and understood to enable accurate and actionable reporting for other tiers. Threat Hunters will also participate in developing processes, procedures, training, etc. for new technologies. The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.
Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)
Capture intelligence on threat actor TTPs/IOCs and coordinate with SecOps pods to develop countermeasures
Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from a variety of security sensors
Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools
Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to management
Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
Develop advanced queries and alerts to detect adversary actions
Skills - Experience and Requirements
3+ years of experience in Information Security
2+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage
Experience with packet analysis and usage of deep packet inspection toolsets.
Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITER ATT&CK Matrix.
Familiarity with EDR/SOAR/Anomaly detection solutions
Prior experience working with in the following areas:
Computer Incident Response Team (CIRT)
Computer Security Incident Response Center (CSIRC)
Security Operations Center (SOC)
Experience with APT/crimeware ecosystems
Dish Network Corporation