Cybersecurity Defense Operations Analyst WITH Active CISSP Certificate

Trail Blazer Consulting LLC
  • Construction

Job Title Cybersecurity Defense Operations Analyst WITH Active CISSP Certificate

Location Greensboro, NC (Onsite)

Duration 12 months

Interview Process Skype

Required Skills & Experience

  • Minimum 7 years of experience supporting cyber defense operations in highly complex enterprise networks, including experience in SOC, SIRT, or CSIRT capacities.
  • One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP.
  • Experience in an enterprise cybersecurity environment investigating targeted intrusions through complex network segments.
  • Expert understanding of Advanced Persistent Threat (APT), cybercrime, and hacktivist tactics, techniques, and procedures (TTPs).
  • Subject matter expert in cybersecurity principles, threat lifecycle management, and incident management.
  • Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols.
  • Demonstrable experience in scripting languages (may include PowerShell, Python, Perl, etc.).
  • Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and the SANS Critical Security Controls.
  • Working knowledge of modern cryptographic algorithms and systems.
  • Experience working with and tuning signatures, rules, and security technologies (IDS/IPS, SIEM, sandboxing tools, EDR, email security platforms, user behavior analytics).
  • Network design knowledge, including security architecture.
  • Strong analytical and technical skills in network defense operations, including experience with incident handling (detection, analysis, triage).
  • Conceptual understanding of cyber threat hunting.
  • Prior experience and ability analyzing cybersecurity events to determine true positives and false positives, including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response.
  • Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting.
  • Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platform content, as well as the ability to support continual improvement of analysis and detection.
  • Knowledge of new and emerging cybersecurity technologies.
  • Ability to create technical documents as well as stakeholder sitreps and briefing documents.