Global Information Defense Engineer
Under Armour is all about performance. Because what we make empowers athletes in every form to push themselves, to turn good into great, and to stay hungry for whatever comes next. And this is exactly what we expect from each other.
Working with us means one key thing: no matter what you do, you see every day and every project as a chance to push your field forward. In every store and every office, we build teams where everyone is an MVP. And together we tackle every challenge head on. Because we work to push the gear, the game, and ourselves farther.
We’re looking for people who do more than good work.
We’re looking for the Best in Every Game.
Under Armour is the chosen brand of this generation of athletes... and the athletes of tomorrow. We're about performance - in training and on game day, in blistering heat and bitter cold. Whatever the conditions, whatever the sport, Under Armour delivers the advantage athletes have come to demand.
That demand has created an environment of growth. An environment where building a great team is vital. An environment where doing whatever it takes is the baseline and going above and beyond to protect the Brand is commonplace.
The world's hungriest athletes live by a code, a pledge to themselves and everyone else: Protect This House... I Will. Our goal is to Build A Great Team! Will YOU…Protect This House?!
Summary / About this role:
The Global Information Defense Engineer (Cyber Hunt) is responsible for developing, implementing and managing the Threat Intelligence program, Active Threat Hunting program, and counter infiltration program for Under Armour Worldwide. The information defense engineer is responsible for developing a well-rounded active threat intelligence and social media threat awareness program using commercially purchased and open source capabilities. The information defense engineer will develop a capability to collect, analyze and integrate actionable threat intelligence into corporate defenses. The information defense engineer will develop Behavior Anomaly based Threat Hunting methodologies as well as Black-Box threat hunting playbooks. The information defense engineer is responsible for interfacing with Networking, Compute/Storage, Collaboration, Cloud Engineering and Physical Security teams to disseminate actionable intelligence. Additionally, the information defense engineer will be responsible for correlating actionable threat intelligence with internal defense alerts.
- Develop, deploy and manage UA’s Global Threat Intelligence Program. Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
- Develop, deploy, and manage a behavior hunting/threat hunting program. Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, Mac Operating System (OS), UNIX, Linux, as well as embedded systems, mainframes, and cloud infrastructure.
- Manage UA’s threat intelligence platforms. Monitor open source channels (e.g., vendor sites, Computer Emergency Response Teams, SysAdmin, Audit, Network, Security (SANS) Institute, Security Focus) to maintain a current understanding of Computer Network Defense (CND) threat condition and determine which security issues may have an impact on the enterprise.
- Develop capability to disseminate actionable intelligence to security defense tools and offices. Perform real‐time CND hunt and incident handling (e.g. forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks.
- Develop capability to log necessary events into a SIEM. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security.
- Correlate threat intelligence with internal security events. Write and publish CND guidance and reports (e.g., engagement reports) on incident findings to appropriate constituencies.
- Manage endpoint security solution. Responsible for the design, deployment, and configuration of global endpoint solutions. Work closely with the UA Incident Response team and assist them with Intrusion Response activity with appropriate security countermeasures.
- Bachelor's degree in a computer-related discipline or relevant work experience
- 5-7 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
- CompTIA Net+, CompTIA A+, CompTIA Security+, CPTE - Certified Penetration Testing Engineer, or CEH - Certified Ethical Hacker preferred
- Expert understanding of common networking protocols such as HTTP, DNS, and SMB.
- Fundamental understanding of Linux and Windows operating systems. Possesses a forensic, malware analysis and reversing, PCAP analytics, or programming background.
- Working knowledge of popular Network and Host Security tools, SIEM and IR platforms. Expert in threat intelligence collection, analytics and dissemination methodologies. Expert-level experience with analyzing network, firewall, IPS, and system logs.
- Possess a mix of expert knowledge of Threat Intelligence, Threat hunting, and counter infiltration endpoint protection that will enable us to proactively defend our corporate exposures
At Under Armour, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Under Armour believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.