Security Operations Center, Security Specialist


JOB DESCRIPTION & MAIN BUSINESS OBJECTIVES:


The Security Operations Center, Security Specialist is responsible for maintaining and advancing our existing cybersecurity program through the continual review and development of the cyber security strategy and security incident response procedures. This role reports to the Director of CyberSecurity. The incumbent will provide support and advisory services for customer incident response, which includes the identification, application and reporting of threat intelligence information.

ESSENTIAL DUTIES & RESPONSIBILITIES:


  • Provide response and initial management of any new or developing cyber security related issues, including participation in the on-call rotation.
  • Perform enhanced-level triage and assessment of security events to determine risk to the business.
  • Effectively determine risk-prioritized response, investigate security events and make clear recommendations on mitigation, utilizing “kill chain” methodologies.
  • Review and interpret alerts, events and system alarms using SIEM, other tools, behavioral analytics, and network analysis while providing advanced emergency response services, incident management and analysis.
  • Respond to service provider network attacks affecting critical network infrastructure and the cloud environments.
  • Produce detailed incident reports and technical briefs on security incidents and prepare executive risk-based metrics reports based on the MITRE ATT&CK model.
  • Participate in and contribute to post-incident reviews and documentation.
  • Identify and report on threat intelligence from external resources and use it to apply risk-based assessments.
  • Perform day-to-day threat hunting, monitoring and analysis of risk-based threat intelligence.
  • Conduct digital forensic examinations of digital media from a variety of sources, using industry best practices and standard tools.
  • Be proficient in the latest forensic response and reverse engineering skills, along with an astute interest in the latest exploit methodologies.
  • Develop and evolve SOC response procedures based on MITRE ATT&CK.
  • Perform gap assessments, develop automation scripts and correlation rules, and tune systems and security tools.
  • Maintain knowledge of adversary Tactics, Techniques, and Procedures (TTPs).
  • Review and respond to escalated security events from other analysts.
  • Contribute to security projects, meetings, and ad-hoc requests.


QUALIFICATIONS AND REQUIREMENTS:


  • Undergraduate degree in computer science, engineering, information science, or a related technical discipline.
  • 5+ years of related experience in cybersecurity, computer network defense, or incident response.
  • CISSP, GIAC, or GREM, accompanied by a forensics certification, preferred.
  • Strong knowledge of cloud platforms, service provider/telecom infrastructure, virtual environments, web applications and APIs.
  • Experience with forensic tools and methodologies is required.
  • Scripting (PowerShell, Bash, Perl, Python) knowledge/experience is a bonus.
  • Strong working knowledge of TCP/IP networking, including routing and common ports/protocols.
  • Demonstrated relevant experience as a key member of a threat intelligence, incident response, malware analysis, or similar team.
  • Strong knowledge of malware families and network attack vectors.
  • Strong knowledge of Linux, OS X and Windows systems.
  • Understanding of PCI, SOC 2 and industry compliance audit methodology.
  • Ability to pass a criminal background check and/or obtain government security clearance as an ongoing condition of employment.
  • Ability to clearly articulate risk and findings to internal clients both verbally and in written form.
  • Excellent communication, interpersonal, and documentation skills.
  • Strong organizational, time management, and multi-tasking skills.
  • Ability to work well both independently and in a team environment.