Cyber Security Professional--CrowdStrike/Elastic & Incident response

Job Title: Cyber Security Professional

Location: 710 Slater Rd, Morrisville, NC 27560, United States

Duration: 6 Months

Preferred skills: Any experience with EDR tools like CrowdStrike, SIEM tool like Elastic, decent incident response and investigation skills, any information security certification will be great

What we're looking for:

A seasoned Cyber Security professional with a strong background in incident response and security operations. You thrive in dynamic environments and are passionate about safeguarding organizational assets from evolving cyber threats. With over 5 years of experience in a Security Operations Center (SOC) or Incident Response role, you possess a deep understanding of various security frameworks and are adept at correlating and analyzing data from multiple log sources. Your technical expertise spans across network protocols, data protection, and cloud environments, making you a versatile and invaluable asset to any security team. You are a proactive communicator, capable of articulating complex security issues to diverse audiences, and you are committed to continuous learning and improvement in the ever-evolving field of cybersecurity.

What You ll Be Doing:

Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems.

Continually improving cyber security procedures and documentation to enhance the security posture of the organization.

Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support.

Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment.

Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements.

Collaborating with business groups to establish and maintain strong working relationships.

What You ll Need:

Strong written and verbal communication skills, with the ability to establish and maintain strong working relationships with business groups.

Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management.

Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS.

Familiarity with various cloud environments (AWS, Azure, O365).

Understanding of MITRE ATT&CK and NIST Cyber Security Frameworks standards and requirements and ability to apply them to an enterprise environment.

In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems.

Functional and practical experience with at least one development or scripting language/framework (e.g., PowerShell, Python, .Net) and regular expressions.

Bachelor's Degree in Information Security, Computer Science, or equivalent combination of education, training, and experience.

Hold or willingness to obtain certifications such as GCIH, GCFE, GCFA, GCSA, GMON, CISSP, or other relevant security certifications.

Fluent in writing, reading, and speaking English.