|
Search Jobvertise Jobs
|
Jobvertise
|
Cyber Cloud Monitoring Analyst Location: US-DE-Wilmington Email this job to a friend
Report this Job
Title: Cyber Cloud Monitoring Analyst Location: Wilmington, DE Responsibilities Perform investigation and escalation for complex or high severity security threats or incidents Acting as an escalation point for Tier I analysts and further analyzing events of interest Ensures that all identified events are promptly validated and thoroughly investigated Collaborates with technical teams to identify, resolve, and mitigate events Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity Assists with containment of threats and remediation of environment during or after an incident Work with SIEM Engineering and other security partners developing and refining correlation rules Regularly develop new and interesting use cases for future SIEM logic Administer and configure security tools and sensors to alert on certain risk conditions Participate in cyber threat hunts in support of the global cyber operations function Assist with forensics investigations. Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to organization Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities Qualifications: 6+ years of experience in security operations canter, technical helpdesk, security operations, network administration, system administration are preferred Strong knowledge of Cloud platforms with a focus on Azure, AWS (Preferably Azure] CISSP, CISM, GCHI, CEH, CCNA, or GIAC are preferred University Degree/MBA Action-oriented attitude and willingness to roll up sleeves Intermediate knowledge in system security architecture and security solutions IDS, Splunk, data loss prevention, next generation anti-malware, etc. Intermediate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.) Intermediate knowledge of malware operation and indicators Intermediate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.) Intermediate knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM, DLP, Proxy, next gen anti-malware etc.) Intermediate knowledge of Windows and Unix or Linux Intermediate knowledge of Firewall and Proxy technology Intermediate knowledge of malware operation and indicators Intermediate knowledge of penetration techniques Advanced event analysis leveraging SIEM tools Advanced incident investigation and response skill set Advanced log parsing and analysis skill set Strong oral and written communication skills Attention to detail Strong organizational skills
Zentek Infosoft Inc.
|