Cyber Threat Analyst/Hunter
Company Description
ClientSolv Technologies is an IT solution firm with over a decade of experience serving Fortune 1000 companies, public sector and small to medium sized companies. ClientSolv Technologies is a woman-owned and operated company that is certified as a WMBE, 8a firm by the Federal government's Small Business Administration.
Job Description
We are seeking a Cyber Threat Hunter/Analyst for a contract opportunity in Littleton, CO. In this role, you will configure security solutions, monitor real-time security alerts, and identify and prioritize potential threats. You will also perform incident response and issue resolution, assess and communicate security risk to the enterprise, lead security incident investigations, and complete and deliver complex security reports to management in business terms. Additional responsibilities of this role are as follows:
- Analyze available data sources, security tools, and threat trends, and apply security monitoring and analysis techniques to identify attacks against the enterprise.
- Create correlations and other logic to identify attackers and defend the network against advanced attacks.
- Hunt for and identify threat actor groups and their techniques, tools and processes
- Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses
- Provide expert analytic investigative support of large scale and complex security incidents
- Perform Root Cause Analysis of security incidents for further enhancement of alert catalog.
- Daily Traffic Review – replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
- Report Run Verification – ensure customer reports run as scheduled
- Develop knowledge of the customer environment, intrusion detection methodologies, and intrusion detection services through on-going training from senior analysts and self-study
- Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
- Handle Tier 2 event incident response, case management, and customer notification
- Ensure security devices contain up-to-date signatures libraries
- Assist with engineering tasks as necessary
- Train SOC Level 1 Analysts on new attack signatures and attack methodologies
- Provide process and operational improvement suggestions
- Review and update documentation (such as SOPs and TTPs)
- Complete vendor training as requested by Management
- Daily Case Management – the Security Analyst will review open cases and provide any follow up that may be required
- SOC Activity Log – creating, reviewing, and maintaining entries, working with other analysts
- Report Creation – creating temporary or permanent reports for customers, as requested
- Tuning – regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered
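Added example (not part of the job posting): one way the "correlations and other logic" and "tuning" items above look in practice. It is a small Python correlation rule run over constructed sshd syslog lines: a source address that fails authentication at least five times within 60 seconds and then logs in successfully raises an alert, while an allowlist stands in for the tuning step that suppresses known benign sources. The log lines, host names, thresholds, allowlist entry and year are all assumptions made for the illustration.

```python
"""Correlation rule over syslog: brute force followed by a successful login.

Added example, not code from the job posting. A minimal SIEM-style rule that
flags a source IP with >= THRESHOLD failed sshd logins inside WINDOW seconds
followed by an accepted login from the same source, with an allowlist that
models alert tuning. All log lines below are constructed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample syslog lines (RFC 3164 style timestamps, year assumed 2024).
SAMPLE_LOG = """\
Mar 12 08:00:01 bastion sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Mar 12 08:00:03 bastion sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 51235 ssh2
Mar 12 08:00:05 bastion sshd[2101]: Failed password for root from 203.0.113.7 port 51236 ssh2
Mar 12 08:00:06 bastion sshd[2101]: Failed password for root from 203.0.113.7 port 51237 ssh2
Mar 12 08:00:08 bastion sshd[2101]: Failed password for ops from 203.0.113.7 port 51238 ssh2
Mar 12 08:00:09 bastion sshd[2102]: Accepted password for ops from 203.0.113.7 port 51239 ssh2
Mar 12 08:01:00 bastion sshd[2110]: Failed password for alice from 198.51.100.20 port 40000 ssh2
Mar 12 08:01:30 bastion sshd[2111]: Accepted publickey for alice from 198.51.100.20 port 40001 ssh2
Mar 12 08:02:00 bastion sshd[2120]: Failed password for root from 192.0.2.50 port 33000 ssh2
Mar 12 08:02:01 bastion sshd[2120]: Failed password for root from 192.0.2.50 port 33001 ssh2
Mar 12 08:02:02 bastion sshd[2120]: Failed password for root from 192.0.2.50 port 33002 ssh2
Mar 12 08:02:03 bastion sshd[2120]: Failed password for root from 192.0.2.50 port 33003 ssh2
Mar 12 08:02:04 bastion sshd[2120]: Failed password for root from 192.0.2.50 port 33004 ssh2
Mar 12 08:02:05 bastion sshd[2120]: Accepted password for root from 192.0.2.50 port 33005 ssh2
"""

# Matches OpenSSH "Failed/Accepted <method> for [invalid user] <user> from <ip> port <n>".
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)

THRESHOLD = 5   # failures needed before the rule arms (assumed value)
WINDOW = 60     # seconds; failures older than this are dropped (assumed value)
# Tuning: sources known to produce benign failures, e.g. an authorized scanner (assumed).
ALLOWLIST = {"192.0.2.50"}


def parse(line, year=2024):
    """Return a dict for an sshd auth line, or None for lines the rule ignores."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m["host"], "result": m["result"],
            "user": m["user"], "src": m["src"]}


def correlate(lines, threshold=THRESHOLD, window=WINDOW, allowlist=ALLOWLIST):
    """Emit one alert per source whose success follows >= threshold failures in window."""
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    alerts = []
    for line in lines:
        ev = parse(line)
        if ev is None or ev["src"] in allowlist:
            continue                 # unparsed line, or tuned out by the allowlist
        q = failures[ev["src"]]
        while q and (ev["ts"] - q[0]).total_seconds() > window:
            q.popleft()              # expire failures outside the sliding window
        if ev["result"] == "Failed":
            q.append(ev["ts"])
        elif len(q) >= threshold:
            alerts.append({"src": ev["src"], "user": ev["user"],
                           "failures": len(q), "ts": ev["ts"]})
            q.clear()                # one alert per burst, not one per later success
    return alerts


if __name__ == "__main__":
    for a in correlate(SAMPLE_LOG.splitlines()):
        print(f"{a['ts']} ALERT brute force then success: {a['src']} as {a['user']} "
              f"after {a['failures']} failures")
```

With the allowlist in place the sample produces a single alert for 203.0.113.7; passing `allowlist=set()` also surfaces 192.0.2.50, which is the kind of noise the tuning bullet above exists to remove once the source has been verified as benign.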
Qualifications
• 5+ years of Information Security experience
• 5+ years of firewall management and rules analysis
• 2-4 years of systems analysis
• Working knowledge of Linux and syslog from the CLI
• Excellent writing and communication skills
• Familiarity with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
• Ability to work in a dynamic, team-centered environment
Certifications preferred (any of these will be great):
• Certified Information Systems Security Professional (CISSP)
• Information Systems Security Engineering Professional (CISSP-ISSEP)
• Systems Security Certified Practitioner (SSCP)
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• Certified Security Analyst (ECSA)
• Certified Incident Handler (ECIH)
• CompTIA Cybersecurity Analyst (CSA+)
• Information Technology Infrastructure Library (ITIL)
• Cisco CCNA
• Cisco CCNP + Security
• GSEC
• GCIH
• GCIA
• MCSE
• Linux+
Additional Information
This contract role is located onsite in Littleton, CO. Due to the Federal Government projects this role will be supporting, the selected candidate will need to be a U.S. Citizen.