Hybrid Role for Mid-level Cyber Security / Threat Management / SOC (7 to 9 years total IT experience)
(At least 2 to 3 days per week in the office)
TASKS & Scope of work:
Serve as the escalation point for high-profile cybersecurity incidents
Engage in malware analysis, digital forensics, and campaign assessments; harmonize response activities in the JSOC among OTI, City departments, and state, federal, and private partners
Work with cyber intelligence teams to identify new cyber threats and campaigns and proactively deploy countermeasures
Prioritize incident response activities and coordinate response efforts among City departments and external partners
Investigate cybersecurity incidents through log, file, and malware analysis
Perform memory, network, and host forensics
Devise appropriate remediation strategies and assist affected City agencies in containing, eradicating, and recovering from cybersecurity incidents
Develop post-incident action plans to improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
Maintain knowledge of current cyber threat campaigns and tradecraft
Proactively hunt for threats to identify, counter, and recover from advanced adversaries
Design, build and enhance cyber-incident detection tools and capabilities
Participate in on-call rotation
MANDATORY SKILLS/EXPERIENCE
Minimum 4 years of experience in a Threat Management / SOC / Incident Response environment performing security event and incident detection and handling in an operational setting
DESIRABLE SKILLS/EXPERIENCE:
Previous experience working as a part of an IT Security team
Formal education or a strong background in Computer Science, Computer Engineering or similar experience
Incident response experience responding to advanced adversaries
Active knowledge of current trends in computer security, software/hardware vulnerabilities
Active interest in current security research
Ability to work as part of a CERT, which may require rotational weekday/weekend on-call coverage
Strong sense of teamwork, an inquisitive mind, and the desire to share knowledge
Ability to understand and implement technical vulnerability corrections
Experience in web application security assessment and/or penetration testing
Experience with hybrid cloud environments
Experience conducting static and dynamic malware analysis
Experience with automation, scripting (Python, PowerShell, etc.)
Understanding of intrusion analysis
Knowledge of multiple operating systems internals (Windows, Linux, OS X)
Experience with host and network forensics
At least one of the following industry certifications:
  SANS GIAC: GCIA, GCIH, GCFA, GCFE, GNFA, GREM, GPEN, GWAPT, GXPN, GDAT
  Offensive Security: OSCP
Full Time