The Intuit Adversary Management team is looking for a security professional who has skills and familiarity of security frameworks, attack surfaces, big data, software development, cloud environments and artificial intelligence (AI). We're using data in groundbreaking ways to uncover insights on how adversaries are emerging with their techniques, tactics and procedures (TTP's). This individual will help support our team by building AI/ML technologies, driving requirements for collecting and storing data from various sources, correlating and analyzing data to understand adversaries motives and intent. This individual will closely work with their team to present requirements and drive solutions that align with the Intuit Adversary Management team's mission.
Responsibilities: • Use AI & ML and Big Data to identify emerging threats on the attack surface, identify threat actors, relate basic indicators and TTPs to make informed security decisions • Collection of adversary tactics, techniques, and procedures (TTP's) across mobile, web, and cloud infrastructure • Ability to identify and categorize basic TTPs to a given threat actor • Understanding of basic indicators from a given TTP's • Mapping threats to risks on the attack surface • Using active and passive reconnaissance techniques to find and enumerate networks and understand potential vulnerabilities • Advanced understanding of the differences between non-security related data and security signals. • Ability to perform basic data QA tasks as part of handling data feeds • Experience using source control (github), software development lifecycle and understanding of software design/architecture and fundamentals (algorithms and data structures). • Strong understanding of the customer problem being solved, and experience defining and validating the customer problem. • Basic understanding of architecture patterns; web, messaging, storage • Proactively identifies slow performing code, understands the execution and works with the team to improve performance of slow performing code. • Public Cloud: Fundamental knowledge of Cloud Networking, Cloud Computing, Cloud File Systems, Cloud Databases, and Storage. • Basic understanding of Containers • Can discover and walk through abuse cases specific to the choice of technologies (internal or third party). • Demonstrates product intuition and, with support, develops modeling solutions to solve business problems • Writes queries that join multiple tables and sources of data, applies filters, and partitions data
Qualifications: • 3+ years of experience with adversary intel collection, data analysis, and \ or security testing • Experience with network discovery and application fingerprinting • 2+ years of experience with building AI and ML models • 3+ years of experience with SQL, NoSQL, Big Data, Graph data warehouses and analysis tools. • 2+ years of experience using scripting languages, preferably python • Experience with at least one cloud environment; AWS, GCP, etc • 2+ years of experience with web services (consuming or creating) with REST or SOAP • Familiarity with BI and analytic tools, preferably Google Big Query and LookerStudio • BS/MS in computer science \ mathematics \ data science or equivalent work experience • Solid communication skills: Demonstrated ability to explain complex technical issues to both technical and non-technical audiences • Always Be Learning: Demonstrate advanced critical thinking and trouble-shooting capabilities to assess, prioritize, plan, and implement tasks and solutions effectively, including the ability to manage multiple projects at a time