Cyber Security Analyst - Engineer - Deerfield Beach, FL Hybrid (Must Be Local To Florida) at Florida, New York, USA |
Email: [email protected] |
From: anuroop, Involgix Inc [email protected] Reply to: [email protected] Role: Cyber Security Analyst/Engineer Location: Deerfield Beach, FL Hybrid (Must Be Local To Florida) Duration: 1+ Year Must Have: MITRE ATT&CK framework. Sentinel SIEM leading SOC teams Certifications Job Description The Lead Senior Cyber-Security Analyst is a key member of the Information Security department and reports directly to the Manager, Security Operations Team with the primary responsibility to oversee the activities of Cyber Security Analysts within the Security Operations Team with regards to: Security Monitoring, Investigations and response, and threat intelligence. Responsibilities include but not limited to: Manage and conduct hands-on technical detection, analysis, containment, eradication, and response in support of day to day operations Establish trust and business relationships with customer and other relevant stakeholders Perform analysis and quality assurance for analyst product and work. Technical lead for Security Incidents Accountable for all Security Incidents tracked and Investigated by the Security Operations team. Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and enduser systems. Provide guidance and mentorship to improve analyst skill sets and ensure delivery of high quality analysis and work products Capture Cybersecurity metrics in direct-support to executive-level briefings (daily, weekly, monthly) Contribute to and lead improvements to the Security Operations monitoring, hunting, and incident management processes. On critical security incidents, acts as incident manager and primary point of contact. Lead Post-Incident Reviews. Perform other related duties as assigned. Creation and upkeep of attack vector specific playbooks for security incidents. Accountable to lead all security incidents to timely and proper closure. Responsible to be the Incident commander that drives the activities all individual involved in the incident. Each incident will also be assigned a SecOps Analyst who will have responsibilities for a majority of the activities. This role will also be responsible for driving individuals from other companies and areas, including vendors, JM TechOps, and the JM Business. Timely reporting/updates on all relevant threats and incidents to management. Able to oversee multiple investigations/incidents concurrently providing proper direction to each work stream. Takes appropriate Preparation steps creating knowledge, artifacts, and tools to be used during an actual incident. Desired Skills: Demonstrated experience working with MSFT Sentinel SIEM. Possess a deep understanding of threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools. Needs to develop deep understanding of JM Family systems and how they might be attacked. Deep understanding of popular attack vectors and how they might be used to infiltrate our systems. Must understand proper handling of forensics. Ability to explain complex security issues to analysts, engineers, managers, and executives Highly independent and self-directed individual capable of working with minimal supervision. In-depth experience of network devices such as switches and routers In-depth experience of Microsoft Windows systems including active directory In-depth experience performing forensics, malware reverse engineering, and penetration testing Qualifications/Requirements: Bachelors Degree in IT related field or higher OR 10 years experience in an information technology field with a minimum of 3 years of cyber security response experience on a SOC/CIRT Team. Experience leading SOC teams during cyber monitoring, hunting, and incident response investigations is required. Experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework. Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments. General knowledge and understanding of information security and privacy-related regulations. Ability to effectively multi-task, prioritize and execute tasks in a high-pressure environment Experience driving measurable improvement in monitoring and response capabilities at scale. Critical thinking skills and the ability to solve problems as they arise Experience performing forensics, malware reverse engineering, and penetration testing In-depth understanding of security issues across many different platforms and capability to articulate and communicate these issues to both technical and non-technical audiences Strong written and verbal communication skills required. Possess any of the following are preferred: Certified Information Systems Security Professional (CISSP) GIAC Certifications 500 Level and Above Keywords: information technology Florida Cyber Security Analyst - Engineer - Deerfield Beach, FL Hybrid (Must Be Local To Florida) [email protected] |
[email protected] View all |
Tue Jun 25 15:13:00 UTC 2024 |