| Immediate needed SOC Analyst in Remote for 06+Months at Remote, Remote, USA |
| Email: [email protected] |
| From: Abdul Rahman, ConvexTech Inc [email protected] Reply to: [email protected] SOC Analyst Remote 06+Months Duties and Responsibilities: Monitor, protect, and defend the enterprise perimeter against malicious network traffic. Monitor, protect, and defend internal networks and hosts against ongoing and emerging threats. Enrich monitoring logs with contextual operation data from functional areas correlate events and identify security issues, threats, and vulnerabilities Conduct security event analysis and validation, triage validated incidents, perform initial containment where feasible, research incident and enrich incident case documentation, and escalate incident for further analysis, containment, and eradication. Review and analyze threat intelligence information and proactively search application, system, network logs to hunt for and thwart relevant threats identified threats. Prepare and perform shift handover briefing to communicate completed and pending activities, and relay situational awareness information. Contribute to the development and maintenance of SOC Standard Operating Procedures (SOPs) and Concept of Operations (CONOPS) to establish and continuously improve organization operating knowledge base. Participate in post-incident activities and contribute to lessons learned to improve security operations. Provide support in preparation of management threat reports and briefings, and recommendations. Provide sound technical recommendations that enable remediation of security issues. Partner with security engineering to develop and refine SIEM correlation rules. Utilize advanced threat models, SIEM use cases, and incident response playbooks. Required Skills and Qualifications: Bachelors degree from an accredited college or university with a major in computer science, information systems, engineering, business, or a related scientific or technical disciplines. Master's Degree is preferred. CompTIA CySA+ certification/ or a CompTIA Security+ (or other relevant IAT Level II/III Certification) along with one of the following: o CEH o CFR o CCNA Cyber Ops o CCNA-Security o GCIA o GCIH o GICSP o Cloud+ o SCYBER o PenTest+ Experience analyzing intrusion events such phishing emails, malware, privileges misuse, traffic indicating potential malicious activities such DoS/DDoS, brute force, data loss through exfiltration/ inadvertent disclosure. Applied experience of threat analysis model/frameworks such Cyber Kill Chain, MITRE ATT&CK, Diamond Model, Pyramid of Pain etc. Working knowledge of advanced threat Tactics, Techniques and Procedures (TTPs). Applied experience with network traffic analysis with tools like Wireshark Applied experience with a variety of Opensource threat research tools/platforms such as Virus Total Working knowledge of network and security architecture principles such as defense-in-depth Experience with proprietary security protection/detections tools such as Firewall, Host and Network IDS/IPS, Anti-Virus, EDR, URL Filtering Gateways, Email Filtering Gateways, DLP tools, and SIEM tools such as Splunk etc. Capable of working independently, establishing priorities and managing task completion within set SLAs Able to communicate effectively through writing, speaking, and presenting to client technical representatives. Team player capable of productively contributing to the client mission by supporting fellow teammates in a dynamic growing and changing environment. Desired Skills and Qualifications: Experience with mid-to-advance level malware analysis Experience creating detailed queries and scripts, such as regular expressions, for log, event and correlation analysis. Experience scripting in Python, PowerShell, VBScript ConvexTech Abdul Rahman Talent Acquisition |Staffing & Recruitment Contact No: 214-295-3719 Email: [email protected] LinkedIn: https://www.linkedin.com/in/abdul-rahman-36a967206/ 10027 Park Meadow Dr Houston TX 77089, USA Note: The content of this email is confidential and intended for the recipient specified in the message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. Keywords: information technology Texas |
| [email protected] View all |
| Tue Nov 21 00:52:00 UTC 2023 |