Threat Hunter - Penetration Tester

Threat Hunter, Threat Hunting, Penetration Tester, Penetration Testing
Contract W2, 6 Months
Depends on Experience
Travel not required

Job Description

Job Requirements:

  • Bachelor's or master's degree in Computer Science, Information Systems, or equivalent experience.
  • At least 4 years of directly related experience in Information Security Threat Detection and Incident Response.
  • Experienced in analysis of data for cause; identification of causal factors, root causes, and recommendations; report development; tailored presentations.
  • Experienced in managing an investigation-related document library and responding to external group requests.
  • Familiarity with common protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.).
  • Familiarity with various types and techniques of cyber-attacks.
  • Experienced with command-line interfaces.
  • Experience in log and event analysis and data correlation.
  • Strong experience with packet analysis tools (tcpdump, Wireshark, ngrep, etc.).
  • Strong experience with SIEM (Splunk, RSA).
  • Excellent command of English, both written and verbal.
  • Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues.
  • Customer-oriented with a strong interest in customer satisfaction.
  • The ability to learn new technologies and concepts quickly.
  • Must possess one or more of the following certifications: CEH, CHFI, SANS GCIH, SANS GCFA, CISSP.

Job Description:

Key Responsibilities

  • Perform trend analysis on recurring incidents and produce reports on such trends in whatever format senior management requires from time to time.
  • Manage, monitor and, where possible, ensure Problems and Major Incidents are permanently fixed (including identifying, recording and allocating Problems/Major Incidents to the relevant team).
  • Ensure that the root cause of each Problem is proactively identified and documented.
  • Chair and contribute to any meetings concerning Incident Root Cause Analysis.
  • Drive our strategy for SIEM and oversee the effectiveness of the technology and process, including appropriate tuning, correlation of critical logs, connection to our incident response process, and reporting of relevant metrics.
  • Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
  • Ability to lead technical bridge lines to develop quick containment solutions to cyber-security incidents.
  • Respond to critical security incidents and supervise escalation teams to close incidents with response, containment and remediation actions.
  • Create, maintain and promote a set of CSIRT operation playbooks to effectively trigger and execute the security incident response process.
  • Manage the current state of logging and monitoring, maintain a vision of the ideal state of logging and monitoring, and drive a prioritized roadmap to reduce the gaps.
  • Present incident response reports and lessons learned to management.
  • Provide security control enhancement recommendations based on security incident data.
  • Communicate and build effective relationships with people at all levels.
  • Responsible for managing and driving to closure all audit issues related to the Incident Response and Management process.
  • Familiarity with security vulnerabilities, exploits, malware and digital forensics.
  • Ability to manage projects, milestones, and deliverables for business-related objectives.
  • Communicate information security risks to end users and educate them about those risks.
  • Build security utilities and tools for internal use that enable you and your fellow teammates to operate at high speed and broad scale.
  • Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activity.
  • Provide situational awareness on the current threat landscape and the tactics, techniques and procedures associated with specific threats.
  • Work with the Security Response Center analysts on incident response tickets and manage/prioritize queue assignments.

ACCOUNTABILITIES

Provides holistic security guidance to a wide variety of internal business partners across network, host, database, application, and people/process domains.

At advanced levels, may provide program or portfolio-level guidance to business unit leaders and embedded security champions.

Typically offers deeper specialization and expertise in one or more areas.

RESPONSIBILITIES

Prioritizes own work and may have duties instructing, directing, assigning and overseeing the work of more junior team members

Understands and contributes to cybersecurity strategy, policy, standards, and procedures

Creates and delivers presentations to both technical and non-technical audiences on Cybersecurity topics

Translates cybersecurity requirements into specific systems, applications and product designs for a specific client, program or project

Collaborates with clients regarding secure product configuration, deployment, and how they align and adhere to applicable security policies and standards to minimize security vulnerabilities

Guides clients in the development and implementation of security controls

Dice Id : apn
Position Id : DELL_THREAT
Originally Posted : 3 months ago