| urgent role : Cyber Security Engineer at Remote, Remote, USA |
| Email: [email protected] |
| From: virat, Tekinspirations [email protected] Reply to: [email protected] Hi, I Hope you are doing great. Please find below position if you have any matching candidate as per requirement. Please send me updated resume with candidate information. Job Description - Need DL Copy at time of Submission and Please provide candidates Active LinkedIn Profile with profile picture as it is Required. Also I have a Skills Matrix which is to fill by candidate at time of Submission. Resume no longer than 5 pages. Experience must start on page ONE. Job Title: Cybersecurity Detection Content Developer Location: Vienna, VA. Hybrid schedule (2-3 days onsite). (Local candidates are preferred) Duration: 6+ months MOI: Skype. No Fake Candidates; No Fake Visa; No Fake Documents Candidate must have any 1-2 Certificates which are mentioned below. Cyber Security Content Development: Create high-confidence security monitoring content consisting of dashboards and alerts within SIEM and other network security tools (Hybrid/Cloud) to detect threats, suspicious activities, potential incidents, and aid in analytical-investigations. Continuously evaluate and optimize custom and OOTB (out of the box) detection content monitoring various on-prem and cloud service provider environments in support to SOC operations. Serve as lead cyber security content SME for collaboration with various teams for purposes including, but not limited to threat intelligence, hunt operations, red team engagements, identity management, security architecture review, security event logging issues, and detection content management for identifying gaps and enhancing NFCU cyber security monitoring posture. Log Analysis: Troubleshoot issues in production and other test and development environments, applying debugging and problem-solving methodologies (e.g., log analysis, non-invasive tests). Conduct independent critical thinking to diagnose and analyze threat intelligence data, latest threats and attack vectors, tactics, techniques, and procedures (TTPs) to make decisions on the most effective response and remediation strategies through content development. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats and vulnerabilities impacting the NFCU organization. Documentation and Process Improvement: Develop technical documents including, but not limited to content creation, content/rule review process, language-specific querying for disparate log sources, network/security visibility issues, detection gaps, SOPs, and monitoring strategies. Continuously executes timely and effective communication across team and management channels regarding tasks completed, roadblocks experienced, and process improvement opportunities identified. Required Skills (Skills which are mentioned below, will be mentioned in the Skill Matrix, so all the points are very important): 7+ years of experience within cyber security operations and SIEM technologies serving in a senior analyst or supervisory role. Advanced knowledge of content creation concepts, content development management, content testing, implementation, the revision cycle, and cybersecurity threat analysis of complex events. Advanced skills in monitoring and analyzing logs and alerts from a variety of different technologies and sources, to include but not limited to IDS/IPS, firewall, proxies, network/host, antivirus, OS events, application/database, EDR, NDR, Cloud (IaaS, PaaS, SaaS). Advanced skill in developing complex detection content using various data sources and query languages - e.g., custom SPL(macros, lookups, regex) SNORT, YARA, KQL Experience in analyzing security systems, and how changes in conditions, operations, or the environment will affect deployed monitoring content. Experience in applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Advanced knowledge of security architectures, devices, proxies, firewalls, and system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Advanced understanding of blue team/red team processes and technologies and their applicability to custom content development Advanced verbal and written skill presenting complex findings, conclusions, alternatives, and information clearly and concisely to all levels of management, supervisors, stakeholders and vendors through advanced research, analytical, and problem solving skills Required: Experience with security tools related to IPS/IDS, Antivirus, Firewalls, Proxies, DLP, Forensic Analysis, Malware analysis, SIEM, Cloud, and the content development lifecycle Required: Advanced skill in analyzing log events for on prem and cloud technologies to facilitate development of cyber defense detections Desired: Splunk Power User, CySA+, CASP+, CISSP or other related Information Security certifications Desired: Bachelor degree in cybersecurity or related discipline Desired: Advanced knowledge of IT security standards and frameworks (e.g., MITRE ATT&CK) Virat Singh Technical Recruiter Desk: 469-498-0706 Email: [email protected] TEK Inspirations LLC | 13573 Tabasco Cat Trail, Frisco, TX 75035 Disclaimer: If you are not interested in receiving our e-mails then please reply with a "REMOVE" in the subject line to [email protected] . And mention all the e-mail addresses to be removed with any e-mail addresses, which might be diverting the e-mails to you. We are sorry for the inconvenience Keywords: information technology procedural language Texas Virginia urgent role : Cyber Security Engineer [email protected] |
| [email protected] View all |
| Wed Jan 08 04:30:00 UTC 2025 |