Primary Responsibilities:
- Investigate cyber security incidents and threats.
- Interact with stakeholders and leadership teams as part of the response and remediation efforts.
- Improve the detection, escalation, containment and resolution of incidents.
- Enhance existing incident response methods, tools, and processes.
- Maintain knowledge of technologies and the threat landscape.
- Assist during non-core business hours during an emergency, critical or large-scale incident.
Qualifications:
Candidates should have a genuine interest in cyber security and a good understanding of the tactics, techniques and procedures (TTPs) of attackers. This role requires a detail-oriented, critical thinker who can anticipate issues and solve problems. Candidates should be able to analyze large datasets to detect underlying patterns and drive an investigation through to root cause.
Required Skills:
- Understand the concept of a threat across multiple technologies and think like an adversary.
- Sound understanding of TCP/IP and networking concepts, and of security alerts and incidents.
- Excellent writing and presentation skills are required in order to communicate findings and recommendations.
- Experience investigating common types of attacks, including network packet analysis, log analysis and reviewing security events.
- Experience applying Open Source Intelligence (OSINT) techniques in support of investigations.
- Knowledge of Windows processes and Active Directory.
- Able to work extended hours during incidents.
Desired Skills:
- Subject matter expert in one or more areas such as Windows, Unix, anti-virus, firewalls, intrusion detection, and network and host based forensics.
- Scripting (Python, Bash, Perl, or PowerShell), coding or other development experience.
- In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
- Experience using or administering Splunk.
- Experience using Security Orchestration, Automation and Response (SOAR) platforms.
- Industry certifications: GCIH, GNFA, GREM or other related SANS certifications.
- Experience in the financial industry.
- Understanding of cloud security.
- Knowledge of the OWASP Top 10.