Full Job Description
Responsibilities
- Plan and execute adversary hunts for malicious activity, using a wide range of log sources and network- and host-based tools to identify threat actors and their tools and techniques.
- Perform investigation on suspected compromised assets and services, and analyze log data and other artifacts to determine what occurred.
- Analyze and improve situational awareness, monitoring coverage, and incident response capabilities.
- Design, develop, debug, and deliver tooling to assist the investigative and hunting process.
- Collect, curate, and transform various data to support advanced analytic creation and investigation automation.
- Create technical documentation for other analysts and other teams to follow.
- Work with other internal and external teams to forge new partnerships and improve existing ones that help mature the team's tactics, techniques, and procedures (TTPs).
Qualifications
Required Qualifications
- 4+ years working in cyber security (Information Security, InfoSec, SecOps, Security Operations, SOC, CSOC, analyst, researcher, etc.) or equivalent cyber security training.
- Trained in security-related subjects and trends such as digital forensics, reverse engineering, penetration testing, and malware analysis.
- Demonstrated ability to understand and communicate technical details to varying levels of management.
- Expected to learn new tools and techniques every day.
Preferred Qualifications
An exceptionally well-qualified candidate will meet one or more of the following criteria:
- Ability to rapidly learn new security tools.
- Training or experience with Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps and Agile Scrum.
- Hands-on experience or training with cloud security.
- Deep understanding of adversary and cyber intel frameworks.
- Good working knowledge of common security technologies and protocols, such as encryption, PKI, modern authentication, and cloud application authorization architectures and protocols.
- Ability to work effectively in ambiguous situations and respond favorably to change.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with and the city where you work.
To apply for this job email your details to recruit@cysecon.com