Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Cyber Defense - Tier 2 Analyst / Threat Hunter
Company Citizens
Location Providence, RI, USA
Preferred GIAC Certifications GREM, GCIH, GCIA, GCED
Travel 0%
Salary Not provided
Contact Name Ben
Contact Email bbj/at/
Expires 2021-08-28

Job Description

In this role on the Cyber Defense Advanced Practices (CDAP) Team you will be working closely with the Threat Intelligence, Content Engineering and Attack Surface Management teams and will serve as an incident responder to assess the risk, impact, and scope of identified security threats, as well as participating in the response efforts. In this critical role you will help mature an existing hunting, malware analysis and advanced threat detection programs within the organization.

Primary responsibilities include:

* Hunting for complex insider and outsider threats that affect the Bank
* Focusing on partnerships and information sharing, support organizations on strategic direction to mitigate threats.
* Analyzing vulnerability assessment and penetration testing results to help identify stealthy threats
* Leveraging technical and non-technical capabilities to eradicate threats.
* Participating in ad-hoc technical teams on coordinated responses and subsequent remediation of security incidents.
* Assisting in multi-step investigative analysis to trace activities associated with advanced threats
* Identifying potential malicious activity from memory dumps, logs, and packet captures
* Supporting proactive deep malware analysis, and recommending defensive actions to effectively defend against malware related attacks
* Providing direction and guidance to more junior staff on a team of security and technical professionals
* Making recommendations on how to optimize security monitoring tools based on threat hunting discoveries
* Defining tool requirements to improve SOC capabilities
* Facilitating the evaluation, selection and implementation of supporting SOC systems and tools
* Participating in project planning, task definition, estimating, reporting, scheduling, documentation, and workflow
* Participating in 24/7 on call rotation as a point of escalation for incidents outside of normal business hours (nights, weekends, and holidays).


Required Skills/Experience:

* 3 or more years of progressive security industry experience
* Demonstrated understanding of various operating systems (Windows, Unix, Linux, etc) with an emphasis on Security Operations
* Experience with programming/scripting (Python, Powershell, Ruby, PHP, Perl, etc.)
* Experience with malware reverse engineering and tools such as IDA Pro, OllyDbg, PEID etc.
* Hands on experience with Security Information and Event Management technologies (QRadar, ArcSight, Splunk etc.)
* Ability to serve as an escalation resource and mentor for junior analysts
* Experience with computer security incident handling, coordination and response
* Knowledge and experience required in the areas of security assessment and vulnerability * scanning, risk based threat analysis, and security mitigation techniques
* Excellent oral and written communications skills with the ability to communicate technical concepts to non-technical audiences

Education, Certifications and/or Other Professional Credentials:

* Bachelor’s Degree (Security / IT Related) or equivalent combination of experience
A combination of relevant industry certifications including, but not limited to CISSP, GREM, * GCIH, GCIA, CEH, GCED, CISA, etc.

Hours & Work Schedule
* Hours per Week: 40
* Work Schedule: Monday through Friday