Home

Lead Cyber-Security Engineer_ Hybrid in Deerfield Beach, FL (Must have Local DL)_ NO H1B,CPT AND OPT at Deerfield, Wisconsin, USA
Email: [email protected]
Lead Cyber-Security Engineer

Hybrid in Deerfield Beach, FL (Must have Local DL)

1 Year

NO H1B,CPT AND OPT

*** Candidate Must Haves on a resume and for submittal:

1. How many years working with: Cyber Security Analyst

2. How many years working with:
MITRE ATT&CK framework.

3. How many years working with:
Sentinel SIEM

4. How many years working with:
leading SOC teams

5. How many years working with: Certifications

Job Description:

Please send candidates who meet or exceed the Below experience:

Managers Notes:

This is lead position

In a perfect world he needs the following

Cybersecurity LEAD Analyst I would even say maybe an engineer

Experience with

Logs search the log needed and figure out if the log is being correlated directly

Alerts

Creating Alerts

I asked him to give me 5 key skill words that they need to have

Correlation searches

A must have

Mitre Attack framework A must have

Experience with Dashboards and incident response vulnerability management A must have

Live dashboards would be a big +

Automation would be a big plus

He also spoke about Red team and purple team

Some of the tools they use:

Sentinel One

Defender

Halcyon

Tanium

Job Description

The Lead Senior Cyber-Security Analyst is a key member of the Information Security department and reports directly to the Manager, Security Operations Team with the primary responsibility to oversee the
activities of Cyber Security Analysts within the Security Operations Team with regards to:  Security Monitoring, Investigations and response, and threat intelligence.

Responsibilities include but not limited to:

Manage and conduct hands-on technical detection, analysis, containment, eradication, and response in support of day to day operations

Establish trust and business relationships with customer and other relevant stakeholders

Perform analysis and quality assurance for analyst product and work.

Technical lead for Security Incidents

Accountable for all Security Incidents tracked and Investigated by the Security Operations team.

Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.

Provide guidance and mentorship to improve analyst skill sets and ensure delivery of high quality analysis and work products

Capture Cybersecurity metrics in direct-support to executive-level briefings (daily, weekly, monthly)

Contribute to and lead improvements to the Security Operations monitoring, hunting, and incident management processes.

On critical security incidents, acts as incident manager and primary point of contact.

Lead Post-Incident Reviews.

Perform other related duties as assigned.

Creation and upkeep of attack vector specific playbooks for security incidents.

Accountable to lead all security incidents to timely and proper closure.

Responsible to be the Incident commander that drives the activities all individual involved in the incident. 

Each incident will also be assigned a SecOps Analyst who will have responsibilities for a majority of the activities.

This role will also be responsible for driving individuals from other companies and areas, including vendors, JM TechOps, and the JM Business.

Timely reporting/updates on all relevant threats and incidents to management.

Able to oversee multiple investigations/incidents concurrently providing proper direction to each work stream.

Takes appropriate Preparation steps creating knowledge, artifacts, and tools to be used during an actual incident.

Desired Skills:

Demonstrated experience working with MSFT Sentinel SIEM.

Possess a deep understanding of threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.

Needs to develop deep understanding of JM Family systems and how they might be attacked. 

Deep understanding of popular attack vectors and how they might be used to infiltrate our systems.

Must understand proper handling of forensics.

Ability to explain complex security issues to analysts, engineers, managers, and executives

Highly independent and self-directed individual capable of working with minimal supervision.

In-depth experience of network devices such as switches and routers

In-depth experience of Microsoft Windows systems including active directory

In-depth experience performing forensics, malware reverse engineering, and penetration testing

Qualifications/Requirements:

Bachelors Degree in IT related field or higher OR 10 years experiencesrik in an information technology field with a minimum of 3 years of cyber security response experience on a SOC/CIRT Team.

Experience leading SOC teams during cyber monitoring, hunting, and incident response investigations is required.

Experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.

Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.

General knowledge and understanding of information security and privacy-related regulations.

Ability to effectively multi-task, prioritize and execute tasks in a high-pressure environment

Experience driving measurable improvement in monitoring and response capabilities at scale.

Critical thinking skills and the ability to solve problems as they arise

Experience performing forensics, malware reverse engineering, and penetration testing

In-depth understanding of security issues across many different platforms and capability to articulate and communicate these issues to both technical and non-technical audiences

Strong written and verbal communication skills required.

Possess any of the following are preferred: 

Certified Information Systems Security Professional (CISSP)

GIAC Certifications 500 Level and Above

Thanks and Regards

Sanju Singh

[email protected]

D :
630-937-0022

Thank you!   

Have a great day,

Sanju Singh | Senior IT Recruiter

DRK America LLC |Naperville, IL 60563

[email protected]

D :
630-937-0022

M: 872-310-6994

linkedin.com/in/sanju-singh-62332b15a

--

Keywords: information technology Florida Illinois
Lead Cyber-Security Engineer_ Hybrid in Deerfield Beach, FL (Must have Local DL)_ NO H1B,CPT AND OPT
[email protected]
[email protected]
View all
Tue Jun 25 19:48:00 UTC 2024

To remove this job post send "job_kill 1509192" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 151

Location: , Indiana