Principal Cyber Defense Ops Specialist

About The Position

Requirements

• 7 or more years of progressive security industry experience
• Demonstrated understanding of various operating systems (Window, Unix, Linux, AIX, etc) with an emphasis on Security Operations
• Hands on experience with: Security Information and Event Management Tools (QRadar, Arcsight, Splunk, etc.) Intrusion Prevention Tools Database Security Tools (Guardium) Data Loss Prevention Tools (Symantec, Websense, etc.) Firewalls (Cisco, Palo Alto, Check Point etc.) Application Security Tools Vulnerability tools Cyber Security Incident Response Network Intrusion Detection Systems (SourceFire, McAfee, etc.) Host Intrusion Detection Systems Packet Capture tools
• Experience with threat taxonomies, models (e.g. MITRE ATT&CK), and Indicators of Compromise (IOCs)
• Experience with one or more scripting language (Bash, Python, Perl, PowerShell, etc.)
• Experience with malware reverse Analyzing and tools such as IDA Pro, OllyDbg, PEID etc.
• Knowledge of Advanced Persistent Threat (APT) actors and associated tools, techniques, and procedures (TTPs)
• Excellent oral and written communications skills
• Strong analytical and critical thinking skills
• Self-motivation with the ability to work under minimal supervision
• Experience with computer security incident handling, coordination and response
• Knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques

Nice To Haves

• A combination of relevant industry certifications including, but not limited to CISSP, GREM, GCIH, GCIA, CEH, GCED, CISA, etc

Responsibilities

• Conducting network forensics, log analysis, and malware triage in support of incident response investigations
• Utilizing current and future tools to perform hunting for complex insider and outsider threats
• Analyzing vulnerability assessment and penetration testing results to help identify stealthy threats and drive remedial action of critical threats
• Supporting proactive deep malware analysis, and recommending defensive actions to effectively defend against malware related attacks
• Recommend how to optimize security monitoring tools based on threat hunting discoveries
• Facilitating the evaluation, selection and implementation of supporting SOC systems and tools
• Helping develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
• Exercising analytical skills and knowledge of supervision regulations

Benefits

• comprehensive medical, dental and vision coverage
• retirement benefits
• maternity/paternity leave
• flexible work arrangements
• education reimbursement
• wellness programs