SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

CyberDefense Consultant
Company: NetWitness
Location: Remote
Preferred GIAC Certifications: GCIH, GCIA
Travel: 20%
Salary: Not provided
Contact Name: Matt Craddock
Contact Email: matt.craddock/at/
Expires: 2022-06-14

Job Description

NetWitness CyberDefense Consultant

As one of the most established cybersecurity companies in the world, we at
NetWitness are hard at work every day helping our customers and partners
better protect their organizations from cyberattacks. Our products and services are used within most large enterprises, governments and
militaries for incident response and threat hunting. Our Sales Professionals,
Sales Engineers and Professional Services Consultants design and deliver
solutions for potential and existing customers to enable better visibility, insight
and action to prevent and defend against attacks. NetWitness provides the
unique ability to provide one single platform with a unified view across all attack
surfaces including Network, Logs/SIEM, Endpoint and IoT combined with our AI-
based User and Entity Behavioral Analysis (UEBA) and Security, Orchestration,
Automation & Response (SOAR) capabilities.

Principal Accountabilities:

Work with customers to better enable their ability to detect threats and respond.

Provide input on cybersecurity best practices around assessment and response procedures

Develop detection content and use cases within the NetWitness product

Understand and assess customer gaps in visibility and provide next-step recommendations

Assist customers in increasing visibility and detection capability, working in synergy with
incident response team members and providing expert advice about
how to investigate potential attacks

Support pre- and post-sale opportunities to help demonstrate advanced
usage of the NetWitness product suite, while also providing an opportunity
for knowledge transfer and enablement of clients and internal RSA staff

Perform research and develop techniques to identify and mitigate threats,
staying abreast of all emerging threats and developing creative solutions to
solve customer issues

Travel up to 20% although primarily remote


Excellent written/verbal communication and interpersonal skills

An understanding and application of the MITRE ATT&CK framework

Expertise in at least one of the following domains: Network Forensics, Host
Based Forensics, Log Analysis

Basic threat intel analysis

UNIX/Linux expertise, specifically CentOS