Vacancy expired!
- Monitoring dashboards and intrusion detection and prevention systems (IDS/IPS)
- Performing initial analysis and investigation into alerts as they are seen (including anti-virus and phishing alerts)
- Performing initial malware analysis utilizing automated means
- Supporting cyber defense functions to protect our clients from cyber security incidents that have potential to cause negative impact
- Incident intake, ticket updates and reporting of cyber events
- Use SOC monitoring devices (SIEM, IDS, DLP) to review and analyze pre-defined events indicative of incidents
- Understanding, identifying and researching IOCs
- Uploading packets and evaluating source/destination activity and payloads
- Assisting in recommendations for content to detect incidents, including IOCs for blocking and detection
- This position requires the ability to work a shift schedule and support coverage efforts on a 24x7x365 basis which includes work on holidays, nights, & weekends.
- Bachelor's Degree or 4+ years of any IT Work Experience
- 8570 IAT Level 1 Certification (i.e. A+ or CCNA-Security or Network+) OR Higher IAT Level Certification (ex. Security+ OR SSCP Certification)
- Security+ Certification and/or 6+ months of Cyber or Help Desk IT Work Experience in a professional environment
- US Citizenship (No Dual Citizenship)
- Bachelor's Degree
- Experience monitoring AntiVirus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments
- Experience working with Security Information and Event Management (SIEM) solutions is a plus
- Familiarity with various network and host based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages. Host based forensics and malware analysis experience.
- Previous experience working in a large government or corporate enterprise environment.
- Experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
- RSA Security Analytics / NetWitness
- Splunk, including Splunk for Enterprise Security
- SourceFire/FirePower/Snort
- McAfee ePO, HIPS
- FireEye NX, EX, HX
- Devo
- Palo Alto XSOAR