Xilinx develops highly flexible and adaptive processing platforms that enable rapid innovation across a variety of technologies - from the endpoint to the edge to the cloud. Xilinx is the inventor of the FPGA, hardware programmable SoCs and the ACAP (Adaptive Compute Acceleration Platform), designed to deliver the most dynamic processor technology in the industry and enable the adaptable, intelligent and connected world of the future in a multitude of markets including Data Center (Compute, Storage and Networking); Wireless/5G and Wired Communications; Automotive/ADAS; Emulation & Prototyping; Aerospace & Defense; Industrial Scientific & Medical, and others. Xilinx's core strengths simultaneously address major industry trends including the explosion of data, heterogeneous computing after Moore's Law, and the dawn of artificial intelligence (AI).
Our global team is growing and we are looking for bold, collaborative and creative people to help us lead the industry transformation to build an adaptable intelligent world. We believe that by embracing diverse ideas, striving for excellence in all that we do, and working together as a unified team, we can accomplish anything. Come do your best work and live your best life as part of the ONEXILINX team!
Job Description for Senior SOC Lead (Threat Hunting capabilities)
- Well-versed in performing comprehensive analysis of suspicious / critical events to hunt for potential security threats.
- Manage and lead the ISOC team and its 24x7 operation; produce KPIs to showcase SOC effectiveness
- Work with the ISOC team to develop new (custom) use cases to identify similar threats, and help the team integrate threat intelligence feeds subscribed from external reliable sources
- Adversary Disruption – leveraging tactical, technical and legal capabilities to eradicate threats.
- Leverage threat intel reports from various sources and threat advisories to perform threat hunting activities, and ensure that the required remediation measures are in place
- The threat hunter role demands the ability to anticipate various potential attacks and their associated risks
- Practical exposure to identifying potential malicious activity from memory dumps, logs, and packet captures
- Strong focus on identifying potential malicious activity from various log sources, including packet captures and memory dumps
- Create executive and detailed reporting to provide an assessment with recommendations on how to improve security capabilities and posture
- Characterize suspicious binaries and be able to identify traits and C2, and develop network- and host-based IOCs.
- Practical exposure to leading Blue Team activities with the internal security team
- Must strive to consume data from disparate threat intel sources and formats (such as STIX, TAXII, VERIS, etc.) and be able to leverage them appropriately to identify new threats
- Knowledge of and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK Matrix
- Must have strong oral and written communication skills and good time management
- You should be able to identify, analyze, and report threats within the cloud environment to protect data and cloud service operations
- Demonstrated-to-advanced experience with computer networking and operating systems
- Demonstrated-to-advanced experience with current threats, vulnerabilities, and attack trends
- Proactively drive hunting and analysis against available datasets; improve and expand the toolset
- Familiarity with: NetFlow data, DNS, Proxy, Firewall, Mail, PCAP and Windows logs, AD infrastructure
- Experience with some/all of: Splunk, enterprise vulnerability scanners, nmap, pcap systems, DLP tools, enterprise network proxies
- Critical thinking and problem-solving skills.
10 years of relevant experience in cybersecurity or computer network defense. SANS certification will be a plus.