Job Title: Cyber Cloud Monitoring Analyst
Location : Wilmington, Delaware
Total experience in required skill (years): 8+ years
Duration : 6 Months
Working as a member of Information Security, the Cyber Cloud Monitoring Analyst is part of the global team that is responsible for providing 24/7 real-time monitoring of the firm's security posture. This team is also responsible for incident identification, documentation, remediation and tracking.
More specifically, the Level 2 Associate will support the global Cyber Cloud Monitoring function and have following key responsibilities:
* Perform investigation and escalation for complex or high severity security threats or incidents
* Acting as an escalation point for Tier I analysts and further analyzing events of interest
* Ensures that all identified events are promptly validated and thoroughly investigated
* Collaborates with technical teams to identify, resolve, and mitigate events
* Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity
* Assists with containment of threats and remediation of environment during or after an incident
* Work with SIEM Engineering and other security partners developing and refining correlation rules
* Regularly develop new and interesting use cases for future SIEM logic
* Administer and configure security tools and sensors to alert on certain risk conditions
* Participate in cyber threat hunts in support of the global cyber operations function
* Assist with forensics investigations.
* Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures
* Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates
* Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities
Qualifications:
* 3 - 6 years of experience in security operations canter, technical helpdesk, security operations, network administration, system administration are preferred -
* Action-oriented attitude and willingness to roll up sleeves
* Intermediate knowledge in system security architecture and security solutions - IDS, Splunk, data loss prevention, next generation anti-malware, etc.
* Intermediate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
* Intermediate knowledge of malware operation and indicators
* Intermediate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
* Intermediate knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM, DLP, Proxy, next gen anti-malware etc.)
* Intermediate knowledge of Windows and Unix or Linux
* Intermediate knowledge of Firewall and Proxy technology
* Intermediate knowledge of malware operation and indicators
* Intermediate knowledge of penetration techniques
* Advanced event analysis leveraging SIEM tools
* Advanced incident investigation and response skill set
* Advanced log parsing and analysis skill set
* Strong oral and written communication skills
* Attention to detail
* Strong organizational skills
* Strong knowledge of Cloud platforms with a focus on Azure, AWS, GCP
Thank you,
Best regards,
Morris Kemp
D: +1 818-629-2509 Office:310-929-1616 EXT: -143
Certified Women Owned Minority Business Enterprise {WMBE}
3868 Carson Street, Suite 204, Torrance, CA 90503 | Offices: USA, India, Australia
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the organization. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error.
No comments:
Post a Comment