
1 - 10 employees
Thinkahead is a privately owned psychology firm working across both the clinical field of private practice as well as corporate consulting space.
🔥 0 minutes ago
Improve your chances of getting an interview by checking your resume score before you apply.

1 - 10 employees
Thinkahead is a privately owned psychology firm working across both the clinical field of private practice as well as corporate consulting space.
• Design and deploy ExtraHop sensor architectures across physical, virtual, and cloud environments, including sensor placement strategy for TAPs, SPAN ports, and VPC traffic mirroring in AWS and Azure • Configure and design packetstores for retention, query performance, and compliance requirements, including sizing decisions for high-throughput environments • Create custom detections and bundles tailored to client environments, moving beyond out-of-box detections to address specific threats and false-positive patterns • Develop custom dashboards in Reveal(x) using metrics, devices, and applications views, translating wire data into views that map to client SOC workflows and executive reporting needs • Build and maintain REST API integrations between ExtraHop and SIEM, SOAR, ticketing, and CMDB platforms, including custom triggers and open data stream configurations • Conduct network visibility assessments for prospective and existing clients, identifying blind spots in east-west traffic, encrypted traffic decryption coverage, and segmentation gaps • Collaborate with clients to optimize and fine tune their deployment and provide guidance to assist with the optimization of the platform. • Act as a technical resource for troubleshooting and resolving complex Extrahop related issues during and post-implementation. • Contribute to project documentation, ensuring clarity and completeness of Solution Designs and As-Built configurations. • Mentor junior AHEAD consultants, sharing your Extrahop knowledge and fostering their technical development.
• 6+ years of hands-on experience with ExtraHop Reveal(x) or Reveal(x) 360 in production environments or similar NDR solutions. • Experience deploying and administering ExtraHop Reveal(x) Enterprise or Reveal(x) 360 • Demonstrated experience deploying and tuning ExtraHop sensors, recordstores, and packetstores, including sizing, retention configuration, and performance troubleshooting • Strong grasp of wire data analysis: L2-L7 protocol behavior (TCP/IP, DNS, HTTP, etc), TLS/SSL decryption • Experience building custom detections, bundles, and dashboards beyond default configurations • Proficient in JavaScript and Python scripting for automation, customization, and workflow optimization • Working knowledge of at least one major SIEM (Splunk, XSIAM, Crowdstrike or equivalent) and experience integrating ExtraHop as a data source • Experienced in proactive threat hunting and incident investigations using the MITRE ATT&CK framework, Cyber Kill Chain, NIST Cybersecurity Framework (CSF), and CIS Critical Security Controls to identify adversary TTPs and strengthen detection and response capabilities. • Experience with cloud traffic mirroring (AWS VPC Traffic Mirroring, Azure vTAP, or GCP Packet Mirroring) is a strong plus • Solid Understanding of network security, cloud environments, Identity, Linux, Mac and Windows. • Strong analytical and troubleshooting capabilities. • Effective communication skills with the ability to engage with clients and Team members. • ExtraHop certification (ECS or equivalent) preferred or relevant industry certifications ( CISSP, CYSA, CEH, Security+, Pentest+, OSCP) are a plus.
• Medical, Dental, and Vision Insurance • 401(k) • Paid company holidays • Paid time off • Paid parental and caregiver leave • Plus more! See benefits https://www.aheadbenefits.com/ for additional details.
Apply Now🕒 Yesterday
Cyber Operations Lead responsible for managing cyber incident response operations at Chickasaw Nation Industries. Collaborating with teams to guide investigations and implement security strategies.
🕒 Yesterday
Senior Security Operations Center Analyst ensuring security of IT systems and data by handling investigations and security monitoring. Participating in threat hunting and incident response activities.
🕒 3 days ago
Senior GRC Auditor I ensuring compliance across SOC 1 & SOC 2 engagements. Building client relationships while evaluating security and compliance controls.
🕒 6 days ago
1001 - 5000
Cyber Operations Manager managing client relationships and service delivery at Optiv's Security Operations Center. Supporting operational excellence and driving security solutions across various domains.
🕒 June 30
Senior Manager overseeing global SOC operations at Kaseya for managing security across 3 million endpoints. Leading a 24/7 response team leveraging AI technologies for enhanced security.
🇺🇸 United States – Remote
💵 $170k - $180k / year
💰 $2M Venture Round on 2020-07
⏰ Full Time
🟠 Senior
🛡️ Security Operations
🦅 H1B Visa Sponsor