Cyber Threat Detection Engineer - ONSITE at San Antonio, Texas, USA |
Email: [email protected] |
From: Devakar, KK Software Associates [email protected] Reply to: [email protected] Note: Please don't share OPT, CPT and H4EAD Client: TCS Location: San Antonio, TX / ONSITE Skills Must - Threat ELK Fireeye Sysmon Winlog beat python bash JD: Technical/Functional Skills ELK stack, Fireeye HX, Sysmon, Winlogbeat Key words to search in resume Develop Use cases for Threats, Python, Bash scripting Prescreening Questionnaire Do you have experience in (Elastalert, Logstash, Kibana (ELK) & Develop Use cases for Threats Technical knowledge to write & develop rules for CIRT analysis, experience on ELK stack, Fireeye HX, Sysmon, Winlogbeat, CI-CD pipeline. Deep understanding of cyber threat actor attacker techniques and tools (such as malware, common attack types) including evasion techniques, reconnaissance, scanning, exploitation, evasion, lateral movement, persistence, and exploits), proficient with MITRE ATT&CK Deep understanding of security operations center processes, tools, and data for analysis & control mitigations, security event timeline analysis and baselining with experience in the analysis of logs and data for the development and implementation of custom detections to counter attacker techniques, known vulnerabilities and evasion methods Security architecture (network topology, firewalls, proxies, web content filtering, wireless, EDR, IDS, IPS, SIEM, SOAR, etc.) Network data sources (full packet analysis, flow data, dns logs, proxy logs, NIDS, etc.) Knowledge and experience with common scripting languages and tools Python, PowerShell, Bash, YAML Deep knowledge of compound logical operations (AND, OR, NOT), regular expressions Experience extracting data from logs, SQL, and APIs Knowledge and experience with tools used to build threat detections (Elastalert, Logstash, Kibana (ELK), Fireeye HX, Sysmon, Winlogbeat, Linux Auditd) Deep understanding and experience with Operating Systems Including: Administration, configuration, registry, processes (Windows, Mac, and Linux) Experience in red team/blue team/incident responder interactions Understanding of CI/CD pipelines Experience with source control tools (Git). Keywords: continuous integration continuous deployment Texas |
[email protected] View all |
Fri Feb 09 00:41:00 UTC 2024 |