Sr Cyber Defense Ops Spec
About The Position
As the Sr Cyber Defense Ops Specialist, you are a senior individual contributor in the Cyber Defense Threat Detection (CDTD) Cyber Defense Operations Center (CDOC), responsible for performing security monitoring, intrusion analysis, incident handling, data loss prevention, privileged user monitoring, training of analysts, security incident management, malware detection/eradication, and recognizing hacker/incident response tactics, techniques, and procedures. You will have responsibility for one or more of the security systems aligned with their specific function, either directly or indirectly; and will be a technical authority for critical operational decisions having significant impact to the organization with authority extending beyond the team to include both technology and business line areas in security related decisions. This role requires you to stay current with security technology, the threat landscape, and emerging threats. You will also act as a subject matter expert in their specific disciplines and will provide management with recommendations and guidance as needed. Primary responsibilities include Performing ongoing monitoring and threat analysis, analyzing logs, NetFlow data, and packet capture. Identifying potential IT security incidents and escalating information to appropriate IR senior staff. Assessing threat and vulnerability information from all sources (both internal and external) and promptly applying applicable mitigation techniques. Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk. Using information from cyber security tools and processes, assessing potential security and business impacts while communicating recommendations to management. Representing Cyber Defense as needed on security related or risk related initiatives or working groups where technical skills and security expertise are required. Proactively protecting, monitoring, investigating and resolving threats to secure user environment and company assets.
Requirements
- 3 or more years of security industry experience preferably in a Security Operations Center (SOC) environment
- Strong verbal and written communication skills including the ability to communicate technical concepts to non-technical audiences
- Excellent critical thinking, problem-solving, and decision-making skills
- Must possess active listening, attention to detail, customer service, prioritization, and problem-solving skills
- Ability to work independently or strategically
- Experience adapting and demonstrating flexibility while working in a dynamic environment
Nice To Haves
- Security Information and Event Management Tools (Arcsight, Splunk, etc.)
- Intrusion Prevention/Detection Tools (FirePower, McAfee)
- Database Security Tools (Guardium, jSonar)
- Data Loss Prevention Tools (Symantec, Triton, etc.)
- Firewalls (Cisco, Palo Alto, Check Point etc.)
- Application Security Tools (Web Application Firewalls)
- Vulnerability tools
- Cyber Security Incident Response
- Host Intrusion Detection Systems
- XDR and Antivirus Tools (Crowdstrike, Symantec, MS Defender)
- Bachelor’s Degree or equivalent combination of experience
- A combination of relevant industry certifications preferred (e.g. Net+, Sec+, CySA+, CEH, Pentest+, GCFA, GSOC, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals)
Responsibilities
- Performing ongoing monitoring and threat analysis
- Analyzing logs, NetFlow data, and packet capture
- Identifying potential IT security incidents and escalating information to appropriate IR senior staff
- Assessing threat and vulnerability information from all sources (both internal and external) and promptly applying applicable mitigation techniques
- Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
- Using information from cyber security tools and processes, assessing potential security and business impacts while communicating recommendations to management
- Representing Cyber Defense as needed on security related or risk related initiatives or working groups where technical skills and security expertise are required
- Proactively protecting, monitoring, investigating and resolving threats to secure user environment and company assets
Benefits
- comprehensive medical, dental and vision coverage
- retirement benefits
- maternity/paternity leave
- flexible work arrangements
- education reimbursement
- wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
Associate degree
