Sr. Cyber Defense Analyst at Remote, Remote, USA
From: Sanjeev Kumar Singh, Tek Inspirations LLC [email protected]
Reply to: [email protected]

Job Description

Job Title: Sr. Cyber Defense Analyst
Location: Deerfield, IL
Visa Status: Citizen, Green Card
MOI: Skype

Job Details

Job Responsibilities:
Cyber Defense Operations activity including:
Investigating and responding to DLP alerts.
Investigating and responding to Insider Risk Management alerts.
Processing trainable classifiers.
Metrics gathering and management.
Helping finalize the DLP/IP services.
Helping develop Threat Hunting and Threat Intelligence services.

Time zone: Eastern; hours are 7am to 4pm in order to overlap with the EU team.

Projects:
Data Loss Prevention (DLP) deployment
Insider Threat Program development
Threat Intelligence Program development

Technical Skills Required:
The individual can conduct vulnerability scans and recognize vulnerabilities in security systems, ensuring the robustness and resilience of these systems.
They can accurately and completely source all data used in intelligence, assessment, and planning products, ensuring the reliability and comprehensiveness of these products.
They can apply cybersecurity and privacy principles to organizational requirements, ensuring the confidentiality, integrity, availability, authentication, and non-repudiation of the organization's data and systems.
It would be beneficial if they had some project management or development ability.
Familiarity with Microsoft Purview and Sentinel.
A0015: Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
A0066: Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Specialized Skills Required:
T0020: Develop content for cyber defense tools.
T0088: Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
T0155: Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
T0164: Perform cyber defense trend analysis and reporting.
T0166: Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
T0187: Plan and recommend modifications or adjustments based on exercise results or system environment.
T0198: Provide daily summary reports of network events and activity relevant to cyber defense practices.
T0258: Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
T0259: Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
T0292: Recommend computing environment vulnerability corrections.
T0293: Identify and analyze anomalies in network traffic using metadata (e.g., CENTAUR).
T0294: Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings).
T0332: Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents, and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
T0469: Analyze and report organizational security posture trends.
T0475: Assess adequate access controls based on principles of least privilege and need-to-know.
T0503: Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
T0526: Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
T0545: Work with stakeholders to resolve computer security incidents and vulnerability compliance.
T0548: Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.

Interview Process:
With the hiring manager
With a Cyber Defense Associate

Educational Requirements:
At least three years of work experience in Information Technology, Networking, or Information Security.
Work experience with, or certification in, Microsoft Purview tooling.

Keywords: information technology Illinois
Mon Dec 04 23:31:00 UTC 2023