This position requires shift work, including occasional night shifts approximately about once every three weeks. Additionally, there may be occasional Friday Morning shifts, which are compensated with a full day off. However, we prioritize our employees’ well-being by ensuring that there are no workday shifts immediately following a night shift. Our scheduling aims to maintain a healthy work-life balance for all team members.
Responsibilities
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Perform host-based analysis, artifact analysis, and malware analysis in support of security investigations and incident response.
Coordinate investigation, containment, and other response activities with business stakeholders and groups.
Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
Recommend or develop new detection logic and tune existing sensors/security controls.
Work with security solutions owners to assess existing security solutions ability to detect/mitigate the abovementioned TTPs.
Creating custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the company network.
4+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) creating, escalating, and managing security incidents and creating incident reports.
Managing low to high-risk cybersecurity events, alerts, and incidents, event monitoring, and analysis, and responding to and escalating IT/DevOps security events and threats and vulnerabilities.
Collaborating with stakeholders to drive incident response and remediation.
Development of common runbooks for most frequent or critical incident types.
3+ years of working with security tools such as SIEM, Analytics & Intelligence, Intrusion Detection, Malware detection, Data Loss Protection, and Identity & Access Management
Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and experience with analyzing OS artifacts.
Problem solver, an in-depth thinker with a growth mindset.
Excellent communication skills and ability to work collaboratively with other teams
