Job Description

*** Must be a US Citizen Due to Client Constraints ***_

General Requirements:

• U.S Citizenship_

• Education: Associate?s Degree or higher preferred

• Experience: 3+ Years in a 24x7 security operations environment

• Certifications: Security industry specific certifications are a plus (CEH, GCIH, GCFA, OSCP etc.)

• WS CCP certification or MS AZ900 certification is a plus

• Demonstrated experience with event detection, triage, analysis, and response including:

• Investigative Process, Remediation Techniques, Log Analysis, Host-based Analysis, Network Traffic Analysis, Email Analysis, OSINT, Cyber Kill Chain, MITRE

Experience:

• AWS Cloud Security

• SIEM platforms, such as Devo, Elastic, Splunk, QRadar, etc.

• Various Endpoint protection platforms, such as Cybereason, CrowdStrike, Tanium, etc.

• Various ticketing systems, such as ServiceNow, Archer, etc.

• Various SOAR platforms, such as Cortex XSOAR, Siemplify, etc.

• Knowledgeable regarding computing concepts, such as networking, scripting, etc.

• Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks

• Experience in computer intrusion analysis and incident response

• Computer network surveillance/monitoring

• Knowledge and understanding of network protocols, network devices, various operating systems, and secure architectures

Job Description - Grade Specific