Threat Intelligence & Detections Manager

Requisition Number: 154905

Position Title: Sr Software Engineer I - Security

External Description:

• Threat Intelligence & Detections Manager

  We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Apex Legends, Anthem, Battlefield, FIFA, The Sims, Need for Speed, Dead Space, and Star Wars, to name a few. But maybe you don’t know how we’re committed to creating games for every platform—from social to mobile to console—to give our consumers that anytime, anywhere access they demand. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.

  Summary

  The Threat Intelligence & Detections Manager plays a pivotal role in security risk management across EA. The role includes interfacing with external partners to collaborate on threat intelligence, planning and driving the detections program across EA, and where necessary, support the wider team with security incident response.

  This role is a senior position and is part of the Global Security Incident Response Team (GSIRT) Leadership team reporting directly to the Global Director of Security Incident Response.

  Previous hands on detections authoring for different tools/platforms, incident response and attack analysis aligned with the cyber kill chain principles will be especially effective in this role. Knowledge of malware analysis and malware reverse engineering is important but can also be cemented through training and on the job practice.

  Patience and a “get it done” attitude are qualities that are well-suited for this position. The successful candidate will also possess strong written and verbal communication, as you will be customer facing on a daily basis.

   

  Primary Responsibilities

  • Partner with externals to collaborate on threat intelligence.
  • Build and lead a mature detections program, including formal detections lifecycle – Initial focus is to ensure that all EA environments are covered by all basic attacks/TTPs before progressing to more advanced TTPs.
  • Work with incident response operations and Red Team to perform hunting activities across all EA environments to test for gaps and create new detections to address.
  • Work directly with GSIRT Leadership team to ensure that threat intelligence is acted on and drives our tactical planning, strategy and tools used.
  • Review and improve existing EA threat intelligence platform and partner with engineering team/developers to uplift as necessary.
  • Malware analysis and other attack analysis to extract indicators of compromise.
  • Assemble and coordinate with IR Operations, technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.

   

  Skills, Knowledge, and Abilities

  The ideal candidate will have the following skills and experience:

  • Previous hands on detections experience – external attacker TTPs and insider threat TTPs.
  • Experience with a threat intel platform (CRITS/MISP/ThreatQ etc).
  • An understanding of the Threat Intel data formats and standards (openioc, stix, taxii, maec).
  • Malware analysis and reversing experience (this can be developed but incumbent must have some prior experience).
  • Experience with scripting and use of threat intel APIs.
  • Current working knowledge of the industry threat landscape and tracking of cyber threats.
  • Understanding and experience of intrusions analysis and incident response.
  • Problem solving to learn new technical and non-technical analysis techniques to overcome problems.
  • Host and network-based forensics skills.
  • Ability to self-learn and maintain a strong proficiency in technical tools, countermeasures and techniques.
  • Strong Unix/Linux experience.
  • Understanding of TCP/IP fundamentals, network protocols, system administration and network architectures.
  • An understanding of Logging platforms and SIEMs e.g. Elastic, Splunk, ArcSight etc.
  • Understanding of log analysis and correlation.

   

  Additional Requirements

  • Must be willing to travel internationally to partner company locations and other global EA offices to foster and grow intelligence relationships to protect EA network and players.
  • Perform multiple critical assignments under deadline pressure in a fast-paced, high volume, office work environment.
  • The incumbent must effectively interact between the various internal departments and unit executives to accomplish business goals.
  • Effectively perform work at varying levels to include executive/strategic and detailed/analytical.
    
    
    

  What’s in it for you? Glad you asked!

  • Competitive salary plus annual bonus scheme
  • Central location in Guildford (5 minutes from main train station)
  • Private medical insurance & dental care
  • Pension scheme
  • Life insurance
  • Stock plans
  • Free onsite gym
  • Employee discounts
  • Rail season ticket loan
  • Annual game points and digital download allowance
  • Onsite café
  • 25 days holiday (including 3 days company shutdown days between Christmas & New Year)
  • Two annual staff parties (Summer & Christmas)
  • Casual dress code
  • Games Area

  
  
  

  We thought you might also want to know more about our location:

  http://careers.ea.com/our-locations/guildford

  
  
  

  
  

City:

State:

Community / Marketing Title: Threat Intelligence & Detections Manager

Company Profile:

We are a global team of creators, storytellers, technologists, experience originators, innovators and so much more. We believe amazing games and experiences start with teams as diverse as the players and communities we serve. At Electronic Arts, the only limit is your imagination.

EEOText:

About Electronic Arts

Everything we do is designed to inspire the world to play. Through our cutting-edge games, innovative services, and powerful technologies, we bring worlds with infinite possibilities to millions of players and fans around the globe.

We’re looking for collaborative and inclusive people with diverse perspectives who will enrich our culture and challenge us. We take a holistic approach with our benefits program, focusing on physical, emotional, financial, career, and community wellness to support our people through every chapter of life. We provide comprehensive benefit packages and support for a balanced life with paid time off and new parent leave, plus free games and so much more. Our goal is to provide a safe and respectful workplace that empowers you to thrive in both work and life.

Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.

Days Open: 79

Can this position be remote?:

EEO Employer Verbiage:

About Electronic Arts

Everything we do is designed to inspire the world to play. Through our cutting-edge games, innovative services, and powerful technologies, we bring worlds with infinite possibilities to millions of players and fans around the globe.

We’re looking for collaborative and inclusive people with diverse perspectives who will enrich our culture and challenge us. We take a holistic approach with our benefits program, focusing on physical, emotional, financial, career, and community wellness to support our people through every chapter of life. We provide comprehensive benefit packages and support for a balanced life with paid time off and new parent leave, plus free games and so much more. Our goal is to provide a safe and respectful workplace that empowers you to thrive in both work and life.

Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.