Feb 21
Top Secret
Mid Level Career (5+ yrs experience)
$125,000 - $150,000
No Traveling
IT - Security
Arlington, VA (On-Site/Office)
Required:
• Bachelor’s degree in Computer Science, Information Technology, or related field and 8 years of relevant experience, or a Master’s degree and 4 years.
• SIEM experience required with Splunk preferred.
• EDR experience required
• Knowledge of common attacker tools, techniques, and procedures (TTPs)
• Experience with major cloud service provider offerings
• Knowledge of malware
• Knowledge of enterprise architecture including zero trust principles
• Knowledge of Windows and Linux operating systems
• Knowledge of common phishing techniques and how to investigate them
• Proficiency in technical writing
• Able to accurately and succinctly convey information through speaking, email, and presentations
• Comfortable in customer facing environments
• Ability to maintain a positive customer service mentality
Responsibilities:
• Utilize security tools to analyze, investigate, and triage security alerts
• Monitor our customers’ environments, including cloud and SaaS solutions, for evidence of adversarial activity
• Perform in-depth analysis and investigation of high-priority cybersecurity incidents
• Utilize advanced tools, such as host based digital forensics or malware analysis capabilities, to identify incidents’ root causes, scope, and impact
• Collaborate with cyber threat hunting and cyber threat intelligence teams
• Participate in the development, implementation, and tuning of the SOC tools’ detection content and alerting signatures
• Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOC’s Incident Management System (IMS)
• Learn new open and closed-source investigative techniques
• Perform research into emerging threats and vulnerabilities to aid their prevention and mitigation
• Help shape the evolution of processes and procedures of the SOC