Position: Lead Cyber Security Analyst
Location: Hybrid, Deerfield Beach, FL (must be local)
Duration: 12 months
Experience with
· Logs – search for the required log and determine whether it is being correlated directly
· Alerts – creating alerts
· Correlation searches – A must have
· MITRE ATT&CK framework – A must have
· Dashboards, incident response and vulnerability management – A must have
Some of the tools they use:
· SentinelOne
· Defender
· Halcyon
· Tanium
Responsibilities include but are not limited to:
· Establish trust and business relationships with customer and other relevant stakeholders
· Perform analysis and quality assurance for analyst product and work.
· Technical lead for security incidents.
· Accountable for all Security Incidents tracked and Investigated by the Security Operations team.
· Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
· Provide guidance and mentorship to improve analyst skill sets and ensure delivery of high-quality analysis and work products.
· Capture cyber security metrics in direct support of executive-level briefings (daily, weekly, monthly).
· Contribute to and lead improvements to the Security Operations monitoring, hunting, and incident management processes.
· On critical security incidents, act as incident manager and primary point of contact.
· Lead Post-Incident Reviews.
· Perform other related duties as assigned.
· Creation and upkeep of attack vector specific playbooks for security incidents.
· Accountable for leading all security incidents to timely and proper closure.
· Responsible for being the incident commander who drives the activities of all individuals involved in the incident.
a. Each incident will also be assigned a SecOps Analyst who will have responsibilities for a majority of the activities.
b. This role will also be responsible for driving individuals from other companies and areas, including vendors, JM TechOps, and the JM Business.
· Timely reporting/updates on all relevant threats and incidents to management.
· Able to oversee multiple investigations/incidents concurrently, providing proper direction to each work stream.
· Takes appropriate “Preparation” steps – creating knowledge, artifacts, and tools to be used during an actual incident.
Qualifications/Requirements:
· Bachelor’s degree in an IT-related field or higher, OR 10 years’ experience in an information technology field with a minimum of 3 years of cyber security response experience on a SOC/CIRT team.
· Experience leading SOC teams during cyber monitoring, hunting, and incident response investigations is required.
· Experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
· Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.
· General knowledge and understanding of information security and privacy-related regulations.
· Ability to effectively multi-task, prioritize and execute tasks in a high-pressure environment.
· Experience driving measurable improvement in monitoring and response capabilities at scale.
· Critical thinking skills and the ability to solve problems as they arise.
· Experience performing forensics, malware reverse engineering, and penetration testing.
· In-depth understanding of security issues across many different platforms and the ability to articulate and communicate these issues to both technical and non-technical audiences.
· Strong written and verbal communication skills required.
· Certified Information Systems Security Professional (CISSP)
· GIAC certifications, 500 level and above
Contractor
$106k-133k (estimate)
06/27/2024
07/25/2024