Security Operations Engineer

Sorry, this job was removed at 5:20 a.m. (PST) on Tuesday, May 5, 2020

AI Security Summary:

Plume AI Security provides cybersecurity for the Smart Home, using Artificial Intelligence (AI)/Machine Learning (ML) technology that learns and baselines IoT device behaviors and alerts on anomalies. The technology is being deployed at global scale, to retail and ISP customers.

Role: 

Plume is recruiting a world-class Security Operations Center (SOC) Team entrusted with securing and protecting our consumer smart homes from constantly evolving cyber security threats. This is a key role and crucial capability for the company, in an emerging high-growth business.

The SOC will complement the Plume Network Operations Center (NOC) and Support teams for resolving end consumer/user security events and will work closely with Product Management and Engineering R&D teams to enhance our software Security Information and Event Management (SIEM), Data Analytics and AI capabilities in the Cloud.

Responsibilities:

  • As the Security Operations Engineer, you will be responsible for managing the 24/7/365 Incident Response and Triage Lifecycle function using Plume SIEM to monitor reported network events, investigate, research and classify them as threats or false positives with appropriate remediation.
  • You will work with Support and NetOps teams to mitigate and resolve customer issues related to AI Security, develop runbooks for alert and incident response, and work with Threat Intelligence vendors to modify their classification as appropriate.
  • As part of threat hunting, you will research zero-day and known vulnerabilities and attacks and develop high-confidence resolution of real threats vs. false positives. You will maintain strong awareness of events in the external community to identify threats and opportunities for enhancement.
  • As part of triaging false positives, you will work with Data Science and SIEM teams to improve ML models and provide recommendations to the Security Operation Team.
  • To help test AI Security, you will help own, set up, and manage an IoT cyber threat lab and assist with discovering methods of initial compromise, lateral movement, pivoting, persistence, privilege escalation, and defense evasion.
  • You will provide your expertise to drive the AI Security roadmap and strategy.

Requirements:

  • Above all: passion for cyber security, grit, tireless, resourceful, can-do attitude, team player
  • Strong systems background - Linux, Wireshark, Networking
  • Strong interest in Smart Home - understanding of du jour personal and IoT devices and their behaviors, home networking setup
  • 2+ years of experience in or managing security operations, working security alerts and incidents
  • 2+ years of experience with security event collection, filtering, indexing, analysis, correlation & alerting
  • 1+ year using and building upon at least one SIEM product
  • Competent with running SQL queries or search queries using NoSQL data stores
  • Competent with scripting languages, able to query external APIs, automate repetitive tasks
  • 1+ year in AWS
  • 2+ years of some combination of:
    • Digital Forensics experience
    • Incident Response experience
    • Blue Team experience
    • Threat Hunting experience
  • Bachelor's or Master's degree in CS/EE with focus on InfoSec a plus.



Location

290 S. California Ave., Palo Alto, CA
