
Threat Intelligence & Detections Manager

Location: Guildford, UK

Note

This position is no longer available.

Requisition Number: 154905

Position Title: Sr Software Engineer I - Security

External Description:

  • Threat Intelligence & Detections Manager

    We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Apex Legends, Anthem, Battlefield, FIFA, The Sims, Need for Speed, Dead Space, and Star Wars, to name a few. But maybe you don’t know how we’re committed to creating games for every platform—from social to mobile to console—to give our consumers that anytime, anywhere access they demand. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.

    Summary

    The Threat Intelligence & Detections Manager plays a pivotal role in security risk management across EA. The role includes interfacing with external partners to collaborate on threat intelligence, planning and driving the detections program across EA, and, where necessary, supporting the wider team with security incident response.

    This role is a senior position and is part of the Global Security Incident Response Team (GSIRT) Leadership team reporting directly to the Global Director of Security Incident Response.

    Previous hands-on detections authoring for different tools/platforms, incident response and attack analysis aligned with the cyber kill chain principles will be especially effective in this role. Knowledge of malware analysis and malware reverse engineering is important but can also be cemented through training and on-the-job practice.

    Patience and a “get it done” attitude are qualities that are well-suited for this position. The successful candidate will also possess strong written and verbal communication, as you will be customer facing on a daily basis.

     

    Primary Responsibilities

    • Partner with externals to collaborate on threat intelligence.
    • Build and lead a mature detections program, including a formal detections lifecycle. The initial focus is to ensure that all EA environments have detection coverage for all basic attacks/TTPs before progressing to more advanced TTPs.
    • Work with incident response operations and the Red Team to perform hunting activities across all EA environments to test for gaps and create new detections to address them.
    • Work directly with GSIRT Leadership team to ensure that threat intelligence is acted on and drives our tactical planning, strategy and tools used.
    • Review and improve the existing EA threat intelligence platform and partner with the engineering team/developers to uplift it as necessary.
    • Malware analysis and other attack analysis to extract indicators of compromise.
    • Assemble and coordinate with IR Operations, technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.

     

    Skills, Knowledge, and Abilities

    The ideal candidate will have the following skills and experience:

    • Previous hands-on detections experience – external attacker TTPs and insider threat TTPs.
    • Experience with a threat intel platform (CRITS/MISP/ThreatQ etc).
    • An understanding of threat intel data formats and standards (OpenIOC, STIX, TAXII, MAEC).
    • Malware analysis and reversing experience (this can be developed but incumbent must have some prior experience).
    • Experience with scripting and use of threat intel APIs.
    • Current working knowledge of the industry threat landscape and tracking of cyber threats.
    • Understanding and experience of intrusion analysis and incident response.
    • Problem solving to learn new technical and non-technical analysis techniques to overcome problems.
    • Host and network-based forensics skills.
    • Ability to self-learn and maintain a strong proficiency in technical tools, countermeasures and techniques.
    • Strong Unix/Linux experience.
    • Understanding of TCP/IP fundamentals, network protocols, system administration and network architectures.
    • An understanding of logging platforms and SIEMs, e.g. Elastic, Splunk, ArcSight.
    • Understanding of log analysis and correlation.

     

    Additional Requirements

    • Must be willing to travel internationally to partner company locations and other global EA offices to foster and grow intelligence relationships to protect the EA network and players.
    • Perform multiple critical assignments under deadline pressure in a fast-paced, high volume, office work environment.
    • The incumbent must effectively interact between the various internal departments and unit executives to accomplish business goals.
    • Effectively perform work at varying levels to include executive/strategic and detailed/analytical.


    What’s in it for you? Glad you asked!

    • Competitive salary plus annual bonus scheme
    • Central location in Guildford (5 minutes from main train station)
    • Private medical insurance & dental care
    • Pension scheme
    • Life insurance
    • Stock plans
    • Free onsite gym
    • Employee discounts
    • Rail season ticket loan
    • Annual game points and digital download allowance
    • Onsite café
    • 25 days holiday (including 3 days company shutdown days between Christmas & New Year)
    • Two annual staff parties (Summer & Christmas)
    • Casual dress code
    • Games Area



    We thought you might also want to know more about our location:

    http://careers.ea.com/our-locations/guildford





Community / Marketing Title: Threat Intelligence & Detections Manager

Company Profile:

Electronic Arts Inc. is a global leader in interactive entertainment software. EA delivers games, content and online services for Internet-connected consoles, personal computers, mobile phones and tablets.

EEOText: EA is an equal opportunity employer. All employment decisions are made without regard to race, color, ethnicity, national origin, sex, gender identity, sexual orientation, age, genetic information, religion, disability, medical condition, marital or family status, or veteran status. EA provides workplace accommodations for employees or applicants with disabilities in accordance with applicable law.

Days Open: 79
