Threat Management Associate

Location: Tampa, FL Description: Position Summary

• The Threat Management Associate will perform detection and analysis activities through the monitoring of security appliances, such as, SIEM, IDS/IPS, EDR, and other Threat Detection platforms.
• The Threat Management Associate will conduct in-depth analysis of cyber alerts to confirm a compromise has occurred and lead/assist in necessary response steps based on the Incident Response Plan and perform additional tasks for the Cyber Blue Team.

• Provide technical leadership for a team of analysts who continuously perform monitoring and triage of alerting to determine what is actionable while prioritizing incidents based on risk.
• Lead the continuous monitoring, identification, intake, triage, response, containment, remediation, and resolution of cyber incidents by identifying root cause while prioritizing incidents based on risk.
• Analyze data from various sources to identify possible risk indicators, determine possible root cause and identify preventative actions.
• Proactively conduct research.

• Strong understanding of incident response processes, workflows, communications and reporting, escalations, and cross-department collaboration.
• Previous hands-on experience with modern security tools such as SIEM/SOAR, EDR/XDR, NGFW, EUBA, and DLP.
• Experience with Windows file system and registry functions or Linux/Unix operating systems and command line tools.
• Working knowledge of various security methodologies and processes, and technical security solutions (i.e., firewalls, proxies, and intrusion detection systems),
• Working knowledge with analyzing cyber-incidents and determine root cause,
• Extensive knowledge of network and server security products, technologies, and protocols,
• Knowledge of common security vulnerabilities including OWASP Top 10.
• Strong dynamic and static malware analysis skills.
• Skill and work experience in scripting are a great plus (Shell scripting, Python, PowerShell).
• Excellent written and verbal communication skills,
• Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.
• Strong technical writing, documentation, and communication skills necessary to create and present findings to C-level management,
• 3+ years of experience working within a SOC and/or handling incidents,
• Security certification(s) and/or official training, such as CompTIA Sec+, CompTIA CySa+, GCIH, CSIH, ECSA, CHFI, ECIH, CEH, AWS SA, similar, or degree are a plus.