Employer Active
Job Alert
You will be updated with latest job alerts via emailJob Alert
You will be updated with latest job alerts via email4-5years
Not Disclosed
Salary Not Disclosed
1 Vacancy
Review audit data and network traffic data for irregularities or other indications of real or potential security violations
Understanding of Cloud architecture and security practices to include knowledge of modern threat vectors
Familiarity with Endpoint Detection Response tools E.G. Crowdstrike Tanium Signature based detection software
Correlate and analyze security data and events from alert and traffic flow
systems
Identify potential advanced persistent and coordinated threats across
multiple platforms
Perform tuning and optimization tasks to include sensor rule review and
log aggregation/visibility
Perform reviews of implemented cybersecurity defense IDS/IPS rules
exceptions and log availability and content
Perform reviews of aggregated log data to identify missing required
sources; ensuring log data format IAW logging standards
Develop/enhance existing intrusion detection analytics dashboards and
signatures to remain commensurate with evolving cyber threat
Investigate all security related events and incidents involving assigned
information systems
Report identified security incidents through approved reporting process
Review and share significant activity reports and tippers
Perform incident response based on security events identified
Develop and deploy countermeasures in response to cybersecurity
incidents IAW Incident Response Plan
Analyze and identify root cause and lessons learned from security
incidents; document formal afteraction reports (AAR)
Provide recommendations related to tactical response actions such as
updating signatures and heuristics
Develop and maintain security analysis scripts and analytic displays
Preferred knowledge and experience with the following:
NIST and DoD security policies
Cloud Security best practices
Securing virtualization/cloud infrastructure concepts technologies and
services
Microsoft server and workstation Unix and Red Hat Linux Enterprise OS
security configurations
Basic forensic requirements and processes
Full Time