Career

ACCOUNTABILITIES

• Provides holistic security advice through network, host, database, device, and people/process environments to a wide range of internal business stakeholders.
• At advanced stages, leaders of business units and embedded security champions may provide software or portfolio-level advice.
• In one or more fields, it usually provides deeper knowledge and experience.

** US Citizen is required

Skills/Qualifications:

• Practical experience as SOC and as a Threat Intelligence or Incident Response Analyst.- Excellent understanding of suggestion cyber threat actors including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats.
• Good experience of Splunk dashboard creation, search, and reporting. Splunk Power User certification is a plus.
• Good experience in introducing and making content for both On-Premise and SaaS applications.
• Strong understanding of and experience with common network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools, and forensic analysis tools
• Good understanding of and experience with web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired
• Good knowledge of several cyber threat intelligence models is required. Such as:
• Familiarity with the Cyber Threat Kill Chain
• Experience with the MITRE ATT&CK Framework
• Excellent understanding of the various structured analytic techniques is required. Such as Key Assumptions Check, Analysis of Competing Hypotheses (ACH), High-Impact/Low-Probability Analysis
• Practical experience in one or more of the following fields: network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, and/or counterintelligence operations
• Demonstrated knowledge analytical and report-writing skills
• Ability to manage competing priorities and work efficiently under pressure
• Good experience in coding and scripting is preferred

• Works with clients to mitigate compliance risks in terms of safe product setup, implementation and how they match and conform to relevant security protocols and guidelines.
• Guides clients in the development and enforcement of security control
• Prioritizes own work and may have responsibilities to instruct, guide, delegate and supervise the work of more junior team members
• Understands and contributes to the approach, regulation, guidelines, and processes for cybersecurity
• Build and offer workshops on cybersecurity issues to professional and non-technical audiences.
• Translates cybersecurity specifications for a single customer, software or project into specific frameworks, apps and model designs