Listing Description
This position will provide support to investigations involving security incidents. During the course of an investigation, this role will involve collecting evidence and indicators from network, mobile, and desktop devices in the pursuit of remediation and possible legal action. This role will require identifying areas where efficiencies can be gained, understanding processes, and writing code. Nisos is looking for a teammate who has strong problem solving skills, an interest in continuous learning, and has the ability to communicate with both technical and non-technical stakeholders.
In-depth knowledge of common network protocols and applications (TCP/IP, UDP, DNS, HTTP, FTP, SSH)
3+ years working in a SOC or similar environment
High level of comfort with Windows and Linux CLI tools
Comfortable with at least one scripting language
Experience with SIEM/Log management solutions (Arcsight, Splunk, ELK)
Experience performing forensic analysis on PC, Mac and Mobile devices
Ability to gather evidence from network devices such as routers, switches and firewalls
Experience with digital evidence collection (volatile and non-volatile)
Familiarity with a common forensic framework (Encase, FTK, Axiom, Sleuthkit)
Experience with evidence handling and chain of custody documentation
Ability to de-escalate high-pressure situations, synthesize the big picture, and rapidly and accurately communicate with both technical and non-technical stakeholders
Office 365 administration
Experience conducting email investigations with Office 365
Proficient in log analysis (Windows and Unix)
Know how to conduct network analysis (tcpdump, Wireshark, etc.)
Have hands-on experience utilizing OSINT tools and techniques
Good understanding of security threats and risks to the enterprise/business
Excellent problem-solving abilities
Experience deploying hardware security solutions and providing customer guidance as needed
Able to lift 30 lbs
Preferred: Strong PowerShell skills
Preferred: Experience working in the intelligence community or law enforcement
Preferred: Malware analysis
Preferred: Tools of the trade including RegEx, YARA, Maltego, CRITs, MISP
Preferred: Intelligence collection experience
Listing Details
- Salary: $150,000 - $170,000
- Citizenship: No Requirements
- Incentives: Bonus
- Education: High School Diploma
- Travel: Travel 50
- Telework: Optional Telecommute