Administering the AV and deep security for endpoints
Monitoring all security logs within the corporate environment
Monitor security firewalls (FWs) and review logs/threats to identify intrusions
Use a high-level scripting/programming language to extract, de-obfuscate, or otherwise manipulate malware-related data
Work directly with cyber threat intelligence analysts to convert intelligence into useful detection
Collaborate with incident response team to rapidly build detection rules as needed
Identify incident root cause and take proactive mitigation steps with the network security team.
Review vulnerabilities and track resolution
Develop and implement detection use cases
Develop and implement IDS/IPS signatures
Assist with incident response efforts
Create and brief customer reports
Participate in on-call rotation for after-hours security and/or engineering issues
Perform customer security assessments
Job Requirements
BSc degree in Computer Science or related field or 4 additional years of work experience
6-10 years of IT experience
6 years of experience working in a Security environment
Advanced training on anomaly detection; tool-specific training for data aggregation and analysis and threat intelligence
Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance
Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs
Strong understanding of security compliance standards and frameworks (PCI, ISO, SOX, etc.)
Fuse locally derived and externally sourced cyber threat intelligence into signatures, detection techniques, and analytics intended to detect and track the advanced threat
Strong understanding of root causes of malware infections and proactive mitigation
Strong understanding of lateral movement and footholds
Strong understanding of data exfiltration techniques
Demonstrated ability in critical thinking, problem solving, and analytics
Real-world experience analyzing complex attacks and understanding the TTPs of threat actors
Experience in network/host-based intrusion analysis, malware analysis, forensics, and cyber threat intelligence
Knowledge of advanced threat actors and complex attacks
Knowledge of Splunk/QRadar/LogRhythm/StealthWatch/SolarWinds