Responsibilities:
- Analyze and triage alerts from log sources to assess impact and scope, taking appropriate remedial actions.
- Process and analyze security threats to identify potential risk gaps and organizational impact.
- Collaborate with the threat intelligence team to enhance contextual analysis and support threat hunting.
- Act as a point of contact for end-users and stakeholders, providing incident updates and related support.
- Provide weekend duty analyst support for 24/7 threat monitoring and incident coordination.
- Assist in project coordination for the rollout and implementation of assigned projects.
- Offer technical expertise to virtual teams as needed for operational directions and administrative support.

Technical Skills:
- Strong understanding of cyber and IT security risks, threats, and prevention measures.
- Beneficial certifications: CISSP, GCIH, or similar.
- Proficiency in networking and network security technologies.
- Knowledge of Threat Intelligence utilization in incident response.
- Familiarity with security standards and best practices.
- Understanding of various operating systems.
- Knowledge of the Cyber Kill Chain and strong analytical skills.
- Previous experience in a corporate or enterprise environment, including engagement with senior management.
- Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, and Access).
- Knowledge of Splunk is beneficial.
- Experience with threat hunting techniques (endpoint and network data).
- Strong understanding of the attack lifecycle and common attack vectors, tools, and techniques.
- Ability to leverage existing data to identify anomalies, IOAs, and TTPs.
- Ability to develop and maintain detection and prevention use cases.
- Experience with SIEM (Splunk ES) and EDR (CrowdStrike) platforms.