Listing Description
Desirable Skills:
Experience with security tools including SIEM, EDR, AV, CASB, Next-gen Firewalls, and VPN.
Experience with system and network artifacts.
Working knowledge of the MITRE ATT&CK framework.
Familiarity with various cloud environments and containerization technologies (AWS, Azure, O365, Docker, Kubernetes).
Functional and practical experience with at least one development or scripting language/framework (e.g. PowerShell, Python, .Net) and regular expressions.
Minimum Qualifications:
Bachelor’s Degree in Information Security, Computer Science, or equivalent combination of education, training, and experience.
Three or more years in an Incident Response or Security Operations Center (SOC) role.
Background in information technology with an emphasis on network or systems administration.
Hold, or be willing to obtain, certifications such as GCIH, GCFE, GCIA, CISSP, or other relevant security certifications.
Responsibilities:
Triage, pivot, and correlate across multiple network and host-based log sources.
Analyze system artifacts and memory for evidence of compromise.
Proactively hunt for and identify malicious activity in various log sources using threat intelligence and other indicators of compromise.
Communicate and collaborate with all areas of the business, including executive leadership, to educate and inform throughout the incident response lifecycle.
Continually improve incident response procedures and documentation.
Engage with Detection Engineering and Red Team to identify opportunities to better monitor/detect suspicious behavior and automate response capabilities.
Keep up to date on evolving cyber threats and identify methods to detect them.
Participate in an on-call rotation.
Listing Details
- Citizenship: No Requirements
- Incentives: Bonus
- Education: Bachelor's Degree
- Travel: No Travel
- Telework: Optional Telecommute