Skip to content

This website uses cookies to provide features and services. By using the site you agree to the use of cookies.Cookie policy.  Close
JobServe
 

Alpharetta, Georgia - USD Full Time Posted: Tuesday, 3 December 2019
 
 
We are looking for SOC Analyst for our client in Alpharetta, GA Job Title: SOC Analyst Job Location: Alpharetta, GA Job Type: Contract Job Description:
  • The resource would be expected to play an active role in maintaining the integrity and security of Enterprise.
  • Will have to own incident response, do triage and investigation, assist with classifying security events, develop a remediation plan, provide guidance as needed, and assist with system security compliance.
  • The analyst will need to be familiar with forensic techniques and support customer interactions with 3rd party forensics efforts.
The responsibility would include:
  • Process alerts received from Tier 2 SOC and Drive/Guide teams to take appropriate response actions on Security incident events.
  • Perform advanced dynamic analyses of potentially malicious artifacts, binaries captured in the environment and be very comfortable operating in a sandbox environment.
  • Should know Scripting (eg, Python), PowerShell and have a deep understanding of operating system internals.
  • Should have expert level knowledge on EDR tools, and vast experiencing responding to various types of malware strains and attacks.
  • Should have an understanding of attack methodologies, how systems are initially compromised, how credentials are compromised, how lateral movement is performed, how exfiltration is identified, etc.
  • Should be able to articulate and construct SIEM queries to identify those attack tactics and techniques, which would generate alerts which would be further validated from a threat hunting perspective.
  • Have extensive experience and be very resourceful in collecting intelligence from OSINT channels.
  • Should be an expert level regarding SIEM platforms and using them to support the investigation, custom queries, and also use-case development.
  • Should be able to perform forensic functions (eg, review of memory dump data to pull relevant artifacts, indications, caches), extract files/binaries, and reconstruct the attack timeline/sequence.
  • Should understand basic reverse engineering and code debugging.
  • Should have an expert level understanding of the Mitre Attack Framework and be able to participate in red team/blue team exercises For the red team, exercise should have the proficiency to develop various stages of the attack (eg initial access/compromise, file-less exploits, credential dumping tools, remote command execution, lateral movement, exfiltration, etc.).
  • Act as liaison between the Enterprise and third parties performing forensic efforts, support the forensic efforts, and assist with project management of 3rd party forensic efforts for the Enterprise.
Qualifications:
  • Bachelor's degree in Computer Science, Engineering, IT, Cybersecurity, or a related field, or equivalent experience.
  • At least 7-10 years of professional experience in incident detection and response, malware analysis, or cyber forensics is required.
  • Extensive experience in at least one SIEM technology is required.
  • Extensive Experience in Incident Response, Log Analysis, Network Traffic Packet Analysis, and email analysis is required.
  • Should be able to use advanced forensic tools and techniques for attack reconstruction, and possess network security architecture and domain knowledge to develop systems and exploitation methods.
  • Good understanding of network security architecture, incident detection and response, malware analysis, and cyber forensics is required (actual experience is preferred.).
  • Good understanding of security control compliance, information risk management, or information systems risk assessment, and security tools implementation (actual experience is preferred.).
  • Good understanding of working and log formats of security technologies such as Firewalls, IPS/IDS, Proxies, Active Directory, Operating systems, DLP, NAC is required.
  • A good understanding of Cloud Security concepts is preferred.
  • A good understanding of the forensic process and methods is required (actual experience is preferred).
  • Scripting knowledge Python/Powershell or similar languages is preferred.
  • CEH, ECIH, GCIH preferred.
- provided by Dice

Alpharetta, Georgia, United States of America
IT
USD
Cynet Systems
Cynet Systems
JS6874_CFAD258F3E4317676087C686B7BB871A/805910056
12/3/2019 10:31:03 AM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.

Other jobs like this

Alpharetta, Georgia
Open + Bonus
Alpharetta, Georgia
140-180k +bonus
See more