Overview
On Site
$65 - $70
Contract - W2
Contract - Independent
Contract - 6 Month(s)
Skills
Location: Greensboro
NC Local Only
Job Details
- US_Cybersecurity Analyst_Senior_VOLGJP00040165
Location: Greensboro, NC Local Only
Duration: 12 Months
Description:
Job Title: Cyber Defense Incident Responder, Senior (L3)
As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in-depth investigations, and supporting the overall security posture of The Volvo Group. This role combines hands-on technical expertise with mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities.
What you will do
Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS)
Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation
Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats
Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements
Provide incident reports with detailed root cause analyses and actionable recommendations
Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization
Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge-sharing
Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls
Support the continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness.
Identify gaps in detection and response capabilities and recommend improvements to SOC leadership.
Who are you?
Do you dream big? We do too, and we are excited to grow together. In this role, you will bring:
Bachelor s degree in Computer Science or a related 4-year technical degree
Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks. Experience in SOC, SIRT, or CSIRT capacities
One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP
Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments
Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs)
Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management
Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols
Demonstratable experience in scripting languages (may include Powershell, Python, PERL, etc.)
Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls
Working knowledge in modern cryptographic algorithms and systems
Experience working with and tuning signatures, rules, signatures, and security technologies (IDS/IPS, SIEM, Sandboxing tools, EDR, email security platforms, user behavior analytics
Network design knowledge including security architecture
Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage)
Conceptual understanding of cyber threat hunting
Prior experience and ability analyzing cybersecurity events to determine true positives and false positives. Including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response
Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting
Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms as well as the ability to support analysis and detection continual improvement
Knowledge of new and emerging cybersecurity technologies
Ability to create technical documents as well as stakeholder sitreps and briefing documents
Preferred Qualifications:
Deep Cybersecurity Operations Center experience in the following: intelligence driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles
CSOC Process Management experience, to include: process and procedure management, CSOC initiative management, continual operational improvement
Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP
Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to both business leaders/key stakeholders as well as technical teams and SMEs
Demonstrated knowledge in cyber defense policies, procedures, and regulations
Knowledge of cyber vulnerability management processes
Knowledge of common user and system authentication and authorization mechanisms
As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in-depth investigations, and supporting the overall security posture of The Volvo Group. This role combines hands-on technical expertise with mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities.
What you will do
Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS)
Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation
Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats
Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements
Provide incident reports with detailed root cause analyses and actionable recommendations
Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization
Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge-sharing
Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls
Support the continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness.
Identify gaps in detection and response capabilities and recommend improvements to SOC leadership.
Who are you?
Do you dream big? We do too, and we are excited to grow together. In this role, you will bring:
Bachelor s degree in Computer Science or a related 4-year technical degree
Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks. Experience in SOC, SIRT, or CSIRT capacities
One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP
Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments
Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs)
Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management
Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols
Demonstratable experience in scripting languages (may include Powershell, Python, PERL, etc.)
Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls
Working knowledge in modern cryptographic algorithms and systems
Experience working with and tuning signatures, rules, signatures, and security technologies (IDS/IPS, SIEM, Sandboxing tools, EDR, email security platforms, user behavior analytics
Network design knowledge including security architecture
Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage)
Conceptual understanding of cyber threat hunting
Prior experience and ability analyzing cybersecurity events to determine true positives and false positives. Including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response
Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting
Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms as well as the ability to support analysis and detection continual improvement
Knowledge of new and emerging cybersecurity technologies
Ability to create technical documents as well as stakeholder sitreps and briefing documents
Preferred Qualifications:
Deep Cybersecurity Operations Center experience in the following: intelligence driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles
CSOC Process Management experience, to include: process and procedure management, CSOC initiative management, continual operational improvement
Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP
Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to both business leaders/key stakeholders as well as technical teams and SMEs
Demonstrated knowledge in cyber defense policies, procedures, and regulations
Knowledge of cyber vulnerability management processes
Knowledge of common user and system authentication and authorization mechanisms
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.