Core Responsibilities
- Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
- Develop alerting and detection strategies to identify malicious or anomalous behavior.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics.
- Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
- Perform enterprise-wide operations to uncover sophisticated and undetected threats.
- Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.
- Provide expertise in a supporting capacity for incident response activities and digital forensics state preservation, including the capture and preservation of system logs, volatile memory captures, and hard drive (physical or virtual) image captures.
- Conduct host forensics, network, forensics, log analysis, and malware triage in support of hunt operations.
- Interface with client contact(s) and staff in a constructive and professional manner.
- Utilize common forensic and incident response tools.
What We Value
- Knowledge of operating and maintaining a SIEM.
- Knowledge of cloud architectures, particularly AWS.
- Experience in penetration testing.
- Ability to quickly learn new technologies and have an ongoing desire to stay current with the latest technologies.
- Ability to train others on the use of forensic and incident response techniques and tools.
What We Require
- TS/SCI Clearance.
- Established experience in operating in SOC environment, either through relevant experience or qualifications.
- Experience with programming or scripting languages such as PowerShell, Python, and Bash.
