Our security analysts will be expected to perform a variety of duties during an average day including but not limited to log analysis, incident response, forensics, system/tooling development, and risk assessment, just to name a few. You must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right time frames to mitigate risks. Candidates also need to balance technical risks against business needs and be able to articulate risks and mitigations to members of the global team as well as member of leadership at various levels. You should have a good mix of deep technical knowledge and a demonstrated background in information security.

Basic Qualifications - Cyber Forensics B.S. in computer science, electrical engineering or closely related field 3+ years experience with host or digital forensics, static malware code disassembly/analysis, and/or runtime malware code analysis or network forensic experience (not including certification) Proficient working in a Windows environment Proficient in one more of the following computer languages Python, Bash or Powershell in order to support cyber threat detection or automation Experience with reconstructing a malicious attack or activity Ability to characterize and analyze network traffic, identify anomalous activity / potential threats, analyze anomalies in network traffic using metadata Ability to create forensically sound duplicates of evidence (forensic images) Experience with disc forensic, creating images and using tools for analyzing Experienced with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc) Desired experience and proficiency with the following tools and techniques: EnCase, FTK, SIFT, X-Ways, Volatility, Sleuth Kit/Autopsy, Experienced with Windows Forensics (Windows Eventlogs, Registry, …) and creating the needed forensic/tirage images (Velociraptor, …) Experienced with Memory Forensics, creating dumps and analyzing the dump Experienced with tools for automatic compromise assessment and IOC searches on clients and analyzing the results Basic Qualifications - Incident Response B.S. in computer science, electrical engineering or closely related field 3 years of incident response experience (not including certification) Splunk (or other SIEMs) MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK) EDR Tools Carving and extracting information from PCAP data Designing cyber security systems and environments in an enterprise environment Virtualized environments Thorough understanding of enterprise security controls in Active Directory/Windows environments Experience with investigating using a wide variety of detective technologies such as SIEM, SOAR, packet capture analysis, host forensics and memory analysis tools. Experience with authentication, authorization, and auditing technologies and how they are implemented in different environments. Preferred Qualifications CVE certification Have presented at a security conference such as DefCon, BlackHat, RSA Conference, etc. Have at least one of the following certifications: SANS GIAC: GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GISF, or GCIH, ISC2: CCFP, CCSP, CISSP CERT CSIH, EC Council: CHFI, LPT, ECSA; Offensive Security: OSCP, OSCE, OSWP and OSEE; Defense Cyber Investigative Training Academy: FTK WFE-FTK, CIRC, WFE-E-CI, FIW Have experience building security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale Have broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence Have demonstrated experience in security analytics including security and machine learning, applications of data miniing to security, intrusion detection, anomaly detection, network security,etc. You are intellectually curious with a genuine desire to learn and advance your career. You are a critical thinker with excellent problem-solving skills Have knowledge of the Spanish or Portuguese language Experience operating in an international environment. Conduct malware analysis using static and dynamic methodologies (e.g., debuggers [Ollydbg], disassembler [IDA Pro], sandbox execution, etc.) Produce malware reports to disseminate to the watch floor and enterprise

BOSCH is a proud supporter of STEM (Science, Technology, Engineering & Mathematics) Initiatives FIRST Robotics (For Inspiration and Recognition of Science and Technology) AWIM (A World In Motion) By choice, we are committed to a diverse workforce – EOE/Protected Veteran/Disabled. For more information on our culture and benefits, please visit: Culture and Benefits | Bosch in the USA The U.S. base salary range for this full-time position is $125,000 - $140,000. Within the range, individual pay is determined based on several factors, including, but not limited to, work experience and job knowledge, complexity of the role, job location, etc. Your Recruiter can share more details about the specific salary range for this position during the interview process. In addition to your base salary, Bosch offers a comprehensive benefits package that includes health, dental, and vision plans; health savings accounts (HSA); flexible spending accounts; 401(K) retirement plan with an attractive employer match; wellness programs; life insurance; short and long term disability insurance; paid time off; parental leave, adoption assistance; and reimbursement of education expenses. Learn more about our full benefits offerings by visiting: https://www.myboschbenefits.com/public/welcome. Pay ranges included in the postings generally reflect base salary; certain positions may include bonus, commission, or additional benefits.