As a member of the Security Operations Center, you will be part of a dynamic and growing security program with a focus on real-time monitoring and anomaly hunting. You will support the scaling and maturing of the incident response program. This role will aid in identifying, developing, implementing, and maintaining processes across the organization to catch and prevent security-related incidents, and will perform active IR investigations.
Role and Responsibilities
- Correlate and analyze data between disparate sources to assess threat actor techniques, tactics, and procedures.
- Perform forensic analysis on captured logs, network traffic collections, volatile memory or host images to identify and trace breach indicators and develop actionable threat intelligence.
- Execute the Incident Response lifecycle and coordinate remediation activities throughout the organization and its lines of business as part of Cyber Incident Handling.
- Provide timely and relevant updates to involved parties and decision makers.
- Contribute to the identification of process inefficiencies and continuous improvement of security monitoring, response and controls.
- Document the results of cyber threat analysis and the subsequent remediation and recovery in an effective and consistent manner.
- Provide training and mentoring to junior team members.
Skills and Education Requirements
- Bachelor’s degree in Computer Science or a related field.
- 2-3 years of SOC or Incident Response experience.
- Practical experience in network and endpoint forensics.
- Understanding of threat actors' TTPs, from botnets to APTs.
- Knowledge of and experience with network protocols, packet capture analysis, enterprise architecture, network security systems and products, network security monitoring, and computer incident handling and response capabilities and tools, including IDS, IPS, DLP, etc.
- Prior experience leveraging common scripting languages to parse logs, automate processes, and integrate systems.
- Solid writing skills to develop and maintain technical user guide documentation, standard operating procedures, and response playbooks.
- Strong attention to detail.
- Team player.