Cybersecurity Threat / Portfolio Analyst (ONSITE)

29 Mar 2024

Vacancy expired!

Please note that this is a 6-month contract position. The Cybersecurity Operations Portfolio is in need of a Cyber Threat Analyst supporting its Threat Intelligence Unit (TIU) program. The resource will be supporting TIU Daily Operations and will be working with the OPS: Threat Intelligence (TIU) team.

Key Responsibilities (must be able to):
• Implement a dynamic, advanced Risk-Based Alerting (RBA) security framework within Splunk.
• Create and test detections written in advanced Splunk Search Processing Language (SPL).
• Perform analysis on hosts running on a variety of platforms and operating systems, including but not limited to Microsoft Windows, UNIX, Linux, embedded systems and mainframes.
• Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs and intrusion detection system logs) to identify possible threats to network security.
• Leverage tools including Splunk, Tanium and the FireEye suite while performing cyber incident response analysis.
• Act as an observer during Red Team penetration testing exercises and collaborate with the Cybersecurity Operations Center (CSOC).
• Correlate event or incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Work with a diverse team of analysts in conducting incident triage, incident handling and remediation.

Qualification Requirements:
• 5+ years of experience with Splunk, the MITRE ATT&CK framework and endpoint security services.
• Experience with host-level scripting, e.g., PowerShell.
• Experience working with one or more cloud platforms.
• Familiarity with cybersecurity operations center functions.
• Linux administration and monitoring.
• Windows administration and monitoring.
• Experience with security frameworks and the ability to interpret use cases into actionable monitoring solutions.

Strong working knowledge of:
• Security Information and Event Management (SIEM) systems.
• Network Intrusion Detection/Intrusion Prevention Systems (NIDS/NIPS).
• Host Intrusion Detection/Intrusion Prevention Systems (HIDS/HIPS).
• Network and host malware detection and prevention.
• Network and host forensic applications.
• Web/email gateway security technologies.
• Sysmon.
• Log aggregation tools.
• Demonstrated ability to establish priorities, manage shifting priorities, and handle numerous time-sensitive projects with multiple deadlines.
• Ability to accomplish goals working through formal and informal channels, with diplomacy and tact.
• Demonstrated solid planning and organizational skills.
• Demonstrated experience working independently and as part of a team.

EXPERIENCE LEVEL: 5-7 years of experience with security operations and incident response.

EDUCATION: Bachelor's or Master's degree in Computer Science, Information Systems, or another related field.

CERTIFICATIONS (one or more required): CISSP, CISA, CISM, GIAC, RHCE.

Applicants must provide their phone number. Reference job number A3320.

  • ID: #49582129
  • State: Virginia
  • City: Falls Church, 22040, USA
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2023-03-29
  • Deadline: 2023-05-27
  • Category: Et cetera