Cyber Security Analyst

Description:

-Bachelor’s degree in Computer Science or a related 4-year technical degree

-Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks. Experience in SOC, SIRT, or CSIRT capacities

-One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP

-Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments

-Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs)

-Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management

-Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols

-Demonstratable experience in scripting languages (may include Powershell, Python, PERL, etc.)

-Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls

-Working knowledge in modern cryptographic algorithms and systems

-Experience working with and tuning signatures, rules, signatures, and security technologies (IDS/IPS, SIEM, Sandboxing tools, EDR, email security platforms, user behavior analytics

-Network design knowledge including security architecture

-Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage)

-Conceptual understanding of cyber threat hunting

-Prior experience and ability analyzing cybersecurity events to determine true positives and false positives. Including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response

-Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting

-Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms as well as the ability to support analysis and detection continual improvement

-Knowledge of new and emerging cybersecurity technologies

-Ability to create technical documents as well as stakeholder sitreps and briefing documents