Experience:
5+ years of experience
Employment Type:
Full time
Posted:
2/7/2018
Job Category:
Information Services
Senior Cyber Security Threat Handler
(This job is no longer available)

Job Description

Senior Cyber Security Threat Hunter

Salary: $125k to $132k Flex $150 + 15%

Schaumburg, Chicago - preferred or Tulsa, OK, Knoxville, TN, Madison, WI

We are looking for a Cyber Security Threat Hunter with incident response experience who can detect advanced adversaries, design and build custom tools, and perform forensic analysis of network packet captures, DNS, proxy, NetFlow, malware, and host-based data. The role requires strong knowledge of SOC operations, experience creating log automation in Splunk or ELK, NetFlow and PCAP analysis, and familiarity with 20-25 different security tools; FOR508 certification is a plus.

Responsibilities:

  • Coordinate threat hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies
  • Design and build custom tools for investigations, hunting, and research
  • Assist in the design, evaluation, and implementation of new security technologies
  • Lead response and investigation efforts into advanced/targeted attacks
  • Hunt for and identify threat actor groups and their techniques, tools and processes
  • Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses
  • Provide expert analytic investigative support of large scale and complex security incidents
  • Perform Root Cause Analysis of security incidents for further enhancement of alert catalog

Education:

  • BS in Computer Science or related field, or equivalent experience
  • Industry Cyber Security Certifications including: CEH, CISSP-ISSEP, CISSP-ISSAP, GIAC Certified Incident Handler (GCIH), Certified Computer Security Incident Handler (CSIH), Splunk Certified Knowledge Manager, Splunk Certified Admin, or Splunk Certified Architect.

Experience:

  • 5+ years of relevant cyber security experience in IT Security, Incident Response or network security with strong knowledge working in a SOC
  • Experience with the incident response process, including detecting advanced adversaries, log analysis using Splunk, ELK, or similar tools, and malware triage
  • Knowledge of the Cyber Kill Chain and the Diamond Model of Analysis
  • Experience with creating automated log correlations in Splunk, ELK, or a similar tool to identify anomalous and potentially malicious behavior
  • Experience with Netflow or PCAP analysis
  • Experience with a common scripting or programming language, including Perl, Python, Bash or Shell, PowerShell, or batch
  • Experience with the Windows file system and registry functions or *NIX operating systems and command line tools
  • Knowledge of the underlying logic that security alerts are built upon, and the ability to apply it when analysing raw logs and creating new dashboards and alerts
  • Knowledge of typical behaviors of both malware and threat actors and how common protocols and applications work at the network level, including DNS, HTTP, and SMB

Qualifications

Applicants must be eligible to work in the specified location