Job Details
Job Description
- Deploy and maintain security sensors and tools
- Administer the antivirus and Deep Security tooling for endpoints
- Monitor all security logs across the corporate environment
- Monitor security firewalls and review logs and threat alerts to identify intrusions
- Use a high-level scripting/programming language to extract, de-obfuscate, or otherwise manipulate malware-related data
- Work directly with cyber threat intelligence analysts to convert intelligence into useful detections
- Collaborate with incident response team to rapidly build detection rules as needed
- Identify incident root cause and take proactive mitigation steps with the network security team.
- Review vulnerabilities and track resolution
- Develop and implement detection use cases
- Develop and implement IDS/IPS signatures
- Assist with incident response efforts
- Create and brief customer reports
- Participate in on-call rotation for after-hours security and/or engineering issues
- Perform customer security assessments
Job Requirements
- BSc degree in Computer Science or a related field, or 4 additional years of work experience
- 6-10 years of IT experience
- 6 years of experience working in a Security environment
- Advanced training on anomaly detection; tool-specific training for data aggregation and analysis and for threat intelligence
- Analyzes and recommends security controls and procedures in the acquisition, development, and change management lifecycle of information systems, and monitors for compliance
- Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
- Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs
- Strong understanding of security compliance standards and frameworks (PCI, ISO, SOX, etc.)
- Familiar with IoT security
- Sys admin skills (Linux/Mac/Windows); programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more); security certifications (CISSP, GCIA, GCIH, GCFA, GCFE)
- Fuse locally derived and externally sourced cyber threat intelligence into signatures, detection techniques, and analytics intended to detect and track advanced threats
- Strong understanding of root causes of malware infections and proactive mitigation
- Strong understanding of lateral movement and footholds
- Strong understanding of data exfiltration techniques
- Demonstrated ability in critical thinking, problem solving, and analytics
- Real-world experience analyzing complex attacks and understanding the TTPs of threat actors
- Experience in network- and host-based intrusion analysis, malware analysis, forensics, and cyber threat intelligence
- Knowledge of advanced threat actors and complex attacks
- Knowledge of Splunk/QRadar/LogRhythm/StealthWatch/SolarWinds