Mocana is a network security technology company based in San Francisco's Financial District. Mocana is searching for talented, experienced, highly focused individuals who take pride in their work and are dedicated to getting results. We provide a wide range of high-performance security software for embedded and non-embedded devices. If you are looking for a life-changing opportunity with us in engineering, product management, sales or marketing, we'd like to hear from you.
Mocana is an equal opportunity employer.
For immediate consideration, email resume to our in-house recruiter Jennifer Ciaccio: firstname.lastname@example.org
You will direct a “threat center” to identify, evaluate, investigate and respond to security vulnerabilities and incidents, such as reports of device vulnerabilities, reported hack vectors, hacking attempts, unauthorized scanning, virus outbreaks, denial of service attacks, botnets and other detected events targeting non-PC smart devices and embedded systems.
Under the direction of the CTO, you'll respond to incoming security threat reports in a timely manner through the early identification, rapid escalation and root-cause analysis of security threats and vulnerabilities collected by Mocana. You will take a lead role in producing analysis and mitigation reports, to help clients contain and remediate threats before their businesses are impacted.
You are responsible for leading analysis and reporting activities across the full process lifecycles for device threat and vulnerability management and device incident management, and will be accountable for driving process standardization and collaboration across sites and business areas to assure their effective implementation.
You will work independently in performing proactive activities such as device threat analysis, vulnerability assessments and investigations, determining causes of device security breaches, and researching, recommending, and implementing changes to procedures to protect device data from future attacks.
You will design and implement alerts with specific business rules that detect critical events or learn of critical vulnerabilities that should lead to timely actions that prevent and/or minimize business-impacting security incidents for our clients.
This specific role will be US-based but has global accountability.
Primary activities include but are not limited to the following:
Discover and bring online new sources of device security intelligence. Monitor information security websites such as US-CERT, SANS Storm Center, BugTraq, etc., to stay current with emerging threats.
Validate incoming reports of threats, attacks and vulnerabilities, and rank for severity and potential impact.
Maintain and effectively apply a broad and deep understanding of information security, incident response and investigation practices and state of the art knowledge of security threats and effective application of risk mitigating controls.
Maintain and effectively apply a broad understanding of embedded CPU and RTOS (i.e., non-PC) environments.
Detect and investigate reports of suspicious events and quickly recommend mitigating actions our clients can take to prevent or minimize impact.
Play a lead role in the continuous assessment of information security threats and vulnerabilities on a plethora of non-PC device platforms.
Evaluate typical security processes in client and user environments, and make recommendations for improvement.
Lead and execute the security investigative process using computer forensics when needed.
Be familiar with emerging technologies, policies and practices for performing digital forensics activities such as investigations and evidence gathering.
Advise our clients' security administrators, business areas and IT personnel on best practices or mandatory controls as outlined in existing policy and standards.
Write analysis reports and develop security documentation, technical documentation and audit reports for the Mocana Threat Center, as required.
At least 10 combined years of experience in security incident management, investigations/computer forensics, threat/vulnerability management and infrastructure management.
CISSP certification or equivalent
Demonstrated expertise in embedded systems, network protocols, management tools and technologies with deep understanding of network security.
Demonstrated understanding of various techniques and threats utilized by hackers such as viruses, botnets, social engineering techniques, DDoS, worms, Trojans, spoofing, phishing.
Ability to evaluate/deconstruct malware.
Proven success in building strong relationships across technology centers and business aligned client organizations.
Experience in leading projects through successful implementation.
Excellent facilitation, problem solving, and decision making skills.
Excellent written, listening and communication skills with strong attention to detail.