Posted on: 05/04/22
The responsibilities include, but are not limited to, the following:
- API Integrations with various technologies in support of both strategic and tactical Threat Intelligence & Incident Response efforts
- Provide direct support for SOAR including design, development, and implementation of Tier 3 playbooks
- Identify candidates of playbooks for automation
- Interface with Splunk Administration team and provide guidance on improving logging deficiencies
- Design countermeasures and interface with the appropriate internal stakeholder groups
- Perform trend analysis of Tier-2 escalated Incidents and identify areas of security defects
- Tune existing rules to reduce false positives and increase alert fidelity
- Serve as a subject matter expert in analyzing obfuscated malware code
- Assist the Threat Intelligence group in other functions, including:
  - Incident Response & Forensics
  - Threat Readiness
  - Threat Intelligence / Threat Hunting
- Bachelor's degree in Computer Science, Information Services, or an IT Security related field, or a satisfactory equivalent with at least 3 years of IT Security experience.
- Minimum of 3 years of experience in Tier 1 & 2 support for a cyber security operations center.
- Minimum of 3 years' experience designing and implementing security content.
- Security Product Administration.
- SOAR Administration.
- Understanding of SOC, Threat Intelligence, & Incident Response workflows.
- Strong proficiency in coding.