Apply for this Job
Required:
• Bachelor's degree in Computer Science, Information Technology, or related field and 8 years of relevant experience, or a Master's degree and 4 years.
• SIEM experience required with Splunk preferred.
• EDR experience required
• Knowledge of common attacker tools, techniques and procedures (TTP)
• Experience with major cloud service provider offerings
• Knowledge of malware
• Knowledge of enterprise architecture including zero trust principles
• Knowledge of Windows and Linux operating systems
• Knowledge of common phishing techniques and how to investigate them
• Proficiency in technical writing
• Able to accurately and succinctly convey information through speaking, email, and presentations
• Comfortable in customer facing environments
• Ability to maintain a positive customer service mentality
Responsibilities:
• Utilize security tools to analyze, investigate, and triage security alerts
• Monitor our customers' environments, including cloud and SaaS solutions, for evidence of adversarial activity
• Perform in-depth analysis and investigation of high-priority cybersecurity incidents
• Utilize advanced tools, such as host-based digital forensics or malware analysis capabilities, to identify incidents' root causes, scope, and impact
• Collaborate with cyber threat hunting and cyber threat intelligence teams
• Participate in the development, implementation, and tuning of the SOC tools' detection content and alerting signatures
• Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOC's Incident Management System (IMS)
• Learn new open and closed-source investigative techniques
• Perform research into emerging threats and vulnerabilities to aid their prevention and mitigation
• Help shape the evolution of processes and procedures of the SOC
Date Posted: 04 April 2025