Tier 2 Shift Lead / Secret
Tasks
- Analyze logs to identify, contain, and remediate suspicious activity
- Analyze malicious scripts and code
- Analyze network traffic to identify anomalous activity
- Conduct forensic analysis of host artifacts, network traffic, and email content
- Coordinate and report incident information to CISA
- Coordinate incident analysis and response with government teams
- Create tickets and initiate workflows per technical SOPs
- Detect, classify, process, track, and report cyber security events and incidents
- Monitor and respond in SOAR platforms and incident communication channels
- Perform advanced, in-depth analysis of tier 1 alert triage
- Perform malware analysis to generate IOCs
- Submit alert tuning requests
Perks/Benefits
- N/A
Skills/Tech-stack
Adversary TTPs | Bash | Cloud Security | Cloud security monitoring | Cybersecurity monitoring | D3FEND | Defender for Endpoint | Defender for Identity | Detection and Response | Digital forensics | EDR | Elastic SIEM | Endpoint Detection and Response | Endpoint detection | Event management | Incident Response | Indicator of Compromise | Log Analysis | Malware analysis | Microsoft Azure | Microsoft Defender | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Sentinel | MITRE ATT&CK | Network Traffic | Network Traffic Analysis | PowerShell | Python | QRadar | SIEM | SOAR | Security Automation | Security Information | Security Information and Event | Security Information and Event Management | Security Orchestration | Security monitoring | ServiceNow | Splunk | Splunk SOAR | Threat Intelligence | Traffic analysis
Education