Hello, Hope you are doing well !! My name is Ira and I'm Executive Technical Recruiter at Vbeyond Corporation, a global staffing and IT consulting company. We are constantly on the lookout for professionals to fulfill the staffing needs of our clients, and we currently have a job opening that may interest you. Below is the summary of the position. If you feel interested in applying for this potential job opportunity, I request you to please reply with your updated resume and below details.
JD:
This position is responsible for the analysis and containment of security incidents in our network using a range of tools: EDR, logs, netflow, and other data sources. The analyst collaborates with other IT teams to complete the eradication of threats during the Incident Response process. This role serves as a point of escalation and review for complex and high-severity cases referred from the 24x7 SOC and other analysts. This role uses the insights gained through those other activities to tune existing detections and develop new threat identification techniques tailored to our environment.
ROLE RESPONSIBILITIES
· Analyze security incidents. Research and resolve or engage subject matter experts · Collaborate with other IT teams to eradicate threats and to optimize our systems for prevention · Develop new threat detection techniques using the log and reference data available in our SIEM · Support other IT teams in the tuning and integration of security tools · Collect forensic data for in-house investigations
TECHNICAL QUALIFICATIONS
· Familiarity with SIEM (preferably Splunk), EDR (preferably CrowdStrike) and other analytical tools · Familiarity with incident response protocols and tools (RTR, KAPE, etc.) · Strong understanding of Windows and Active Directory permissions, common exploits, and log data · Familiarity with Linux permissions, common exploits, and log data · Strong understanding of SMTP, HTTP, and TCP/IP traffic management and analysis · Working knowledge of common diagnostic tools like nmap, procmon, bind, etc. · Knowledge of fundamental security technologies such as firewalls, anti-malware agents, security logging/tracing, encryption and signatures, PKI · Proficiency with Excel, pivot tables, PowerQuery, and other ad hoc analytical tools · Familiarity with scripting in Powershell and/or Python, desired
GENERAL QUALIFICATIONS
· Minimum five years of experience in information security. · Previous experience supporting computer networks, operating systems, software, and hardware · Self-reliance and independent investigation, make optimal use of existing data in problem analysis · Strong process awareness – adhere to existing procedures during incident handling and participate in after-action reports to improve those procedures · Analytical and problem-solving skills to independently assess risks, threats, patterns, and trends from raw data. Understand opportunities to increase insights through data enrichment. · Strong interpersonal skills, ability to work with non-security colleagues on both procedural and technical matters · Strong writing skills to describe complex technical problems with structure and clarity · Organize information to convey timing, cause, effect, and desired outcome · Document complex SOPs in a form that can be followed during incident response
EDUCATION REQUIREMENTS
· B.S. in Computer Science or Software Engineering |
Comments
Post a Comment
Thanks