Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Senior MDR Analyst
Company Blackpoint Cyber
Location Remote
Preferred GIAC Certifications GREM or GCFE or GREM
Travel 10%
Salary Not provided
URL https://blackpointcyber.com/senior-mdr-analyst-hawaii/
Contact Name Anonymous
Contact Email donotemail/at/sans.edu
Expires 2022-06-03

Job Description

Blackpoint is searching for a Senior MDR Analyst to support its 24/7 Managed Detection and Response (MDR) service in Ellicott City, MD. The position requires the ability to organize and lead proactive threat hunts to detect and analyze anomalies using Blackpoint’s proprietary cyber security platform, SNAP-Defense, as well as other security products within the company infrastructure. Analyst will also integrate engineered solutions, implement security controls, and collaborate on IT requirements across multiple divisions within the company.

What You’ll Bring
Five (5+) years of experience in an information security role. Progressive relevant training and/or certification may be substituted for one (1) year of the experience requirement
Experience working in a Security Operations Center (SOC), Threat Hunting, or Digital Forensics and Incident Response (DFIR), preferred
Two (2+) years of experience with triaging endpoint events from EDR, NGAV, and supporting the Incident Response (IR) process
Deep knowledge on assessing threat indicators in a Windows Environment (e.g. Malware/Malicious Anomalies/Abnormal network Activity/Root Level Compromise, Forensic Artifacts, etc.)
Robust understanding of at least two of the following: Windows, Linux or OSX;
Familiarity with ELK stack (Dashboards, Logstash Config, Searching)
Scripting / Programming with Powershell, Python, and Go
Familiarity with AWS services such as EC2, S3 and IAM and Azure/M365
Experience developing, refining, and performing leadless threat hunting analysis to uncover new or potential incidents and report on results.
An advanced understanding of offensive techniques and tactics
Ability to work shifts if required (night, weekends, and day)
Excellent problem solving, critical thinking, and analytical skills with the ability to deconstruct issues (hunting anomalous pattern detection)
Excellent communication skills to effectively summarize and present findings
Bonus
Bachelor’s Degree in Computer Science or related technical discipline
Certifications such as OSCP, GREM, OSCE, eCMAP, CRTO
Network/System Administration and/or Engineering
Deep forensic knowledge of Windows, Mac OS and/or Linux
Malware Analysis (Behavioral and/or Static analysis- IDA, Cuckoo Sandbox, x86/x64 Debugging)
Pentesting/Red/Blue Team
Capture The Flag (CTF) Development
How You’ll Make an Impact

Analyze and evaluate anomalous network and system events in a 24×7 Security Operation Center (SOC) environment via conducting lead-less threat hunting
Collaborate with MDR Analysts to research and investigate emerging cyber security threats; become an escalation point of contact for advanced intrusion analysis.
Develop Incident analysis reports and work across business units and customers to bring issues to a close
Help design and build automation to reduce operational tasks of SOC processes
Provide actionable threat and vulnerability analysis based on security events for many independent customer environments
Build test lab environments to research emerging techniques and contribute to the internal and external knowledge development of threat operations.
Review sandbox technologies for additional IOCs uncovered from artifacts uncovered during analysis.
Interested?
To apply, please prepare a resume and cover letter showcasing your skillset with our requirements in mind. For more information about Blackpoint Cyber, visit our website at www.blackpointcyber.com.

Blackpoint Cyber welcomes and encourages applications from qualified individuals of all races, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status. We are committed to equality of opportunity in all aspects of employment.

We thank everyone for their interest, but only those candidates selected for an interview will be contacted.