Intrusion Detection Team Lead - 3rd shift

About The Position

Requirements

• Bachelor's and 8 years of intrusion detection experience
• 7 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; to include wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs.
• Working experience of Splunk SIEM.
• At least two years as a cyber security or security operations shift team leader.
• At least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas of; creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, and working in a SIEM environment.
• Must possess at least one (1) of the following certifications: GIAC Certified Intrusion Analyst (GCIA), EC-Council's Certified Security Analyst (ECSA), GIAC Certified Perimeter Protection Analyst (GPPA), GIAC Certified Enterprise Defender (GCED), Systems Security Certified Practitioner (SSCP), or a Certified Information Systems Security Professional (CISSP).
• Splunk Fundamentals I & II certification.

Responsibilities

• Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client
• Provides timely and actionable sanitized intelligence to cyber incident response professionals
• Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture
• Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks
• Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership