Cyber Threat Hunting and Incident Response Analyst

Responsibilities

Complete threat hunting in on-premises, cloud, and hybrid environments.
Define, document, test and manage incident response processes, document processes and procedures in the form of playbooks and reference guides.
Evaluate external threat intelligence sources related to zero-day attacks, exploit kits and malware to determine organizational risk and improve threat detection by incorporating into detection tools.
Conduct forensics: host-based disk and memory as well as network; analyze to determine root cause and impact.

Develop security monitoring by using cases and supporting content for security tools such as dashboards, alerts, reports, rules; including but not limited to the configuration and monitor security information and event management (SIEM) platform for security alerts.
Perform all phases of incident response life cycle: preparation, analysis, containment, eradication, remediation, recovery, and post-incident activity.

Minimum five years of recent security monitoring experience and incident response activities; preferably within a professional services firm or similar environment; experience with IT process definition and/or improvement
Bachelor's degree from an accredited college/university or equivalent work experience.
Solid understanding of network and system intrusion and detection methods; examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures.
Experience with coding and analytics, malware analysis, endpoint lateral movement detection methodologies and host forensic tools.

Understanding of network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, Linux, open-source software, scripting, SQL, and software programming.
Strong verbal/written communication with ability to effectively interact with individuals at all levels of responsibility and authority; ability to prioritize, delegate and foster the development of high-performance teams to lead/support an environment driven by customer service and teamwork;
strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; ability to participate in resource planning processes based on defined organizational plans.
Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future.