Vacancy expired!
- Track and capture intelligence on threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)
- Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from a variety of security applications
- Perform Root Cause Analysis of security incidents to develop enhancements in existing alerting tools
- Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to Management
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Develop advanced queries and alerts to detect adversary actions
- Ability to present technical findings to executives
- Train junior staff on threat hunting and penetration testing activities
- Document findings and create best practice procedures
- Bachelor's Degree or Master's Degree in Computer Science, Engineering or related discipline preferred; or equivalent combination of work experience and certifications.
- 10+ years of experience in Information Security
- 3+ years of experience with the incident response process, including detecting advanced adversaries, and malware triage
- Experience with packet analysis and usage of deep packet inspection toolsets.
- Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK framework
- Familiarity with EDR/SOAR/Anomaly detection solutions
- 3+ years penetration testing experience
- 3+ years threat hunting experience
- Prior experience working in the following areas:
- Building custom exploits
- History of CVEs
- Strong programming in any language
- Forensics and Malware Analysis
- Experience with APTs and mapping threat hunting to various security frameworks
- Extra-vocational hunting and pentesting engagement such as Capture-The-Flag contests, meetups/conferences, bug bounty hunting, etc.
- Advanced Cyber Security certifications such as: CISSP, OSCE, GCTI