|Date Posted||February 19, 2019|
Title: Cyber-Security Operational Support Specialist
Duration: 6 month (with possible extension)
Location: Princeton NJ 08543
● Position needed for Cyber Threat Operations capabilities
● Level 2 Cybersecurity Analyst (Incident Response/SIEM/Malware Analysis/Network Packet Analysis)
● Seeking an experienced Level 2 cybersecurity analyst to serve as a consultant performing incident response triage and analysis using network security tools in a CIRT/SOC environment. Primary tools capabilities include Endpoint Detection and Response (EDR), Network Full Packet Capture, Malware Sandbox, and SIEM
● Level 2 advanced member of cyber threat operations team that is responsible for detection and response for advanced threats. Recognizes and identifies potential threats to the network and systems connected to the network from the Internet and Intranet.
● Operates, documents, and maintains security controls. Monitors for, and investigates potential security breaches. The team also reviews internal and external network traffic to create policies that intercept Malware and other network attacks using network packet capture and other network IDS capabilities.
● Additionally the team is responsible for the infrastructure support, configuration, and use of the Endpoint Detection and Response (EDR) environment, to detect and respond to advanced threats.
● Second-level support to review, triage, analyze, and respond to alerts received in SIEM and other cyber security detection tools
● Proactively review network data packets for potential attacks
● Malware analysis as appropriate
● Support forensic investigations as appropriate
Work Experience/ Skills Required
● Minimum of 3 years of InfoSec experience, preferably in a CIRT/SOC environment
● Minimum of 3 years but prefer 5+ years of Networking, TCP/IP, switching/routing/firewall experience.
● Minimum of 2 years but prefer 5 years of Network analysis, with a focus on security, tcpdump, windump, wireshark.
● Experience with host-based triage, forensics, and malware analysis using Endpoint Detection and Response (EDR) tool
● Experience analyzing network traffic with network monitoring toolset
● Experience analyzing log events and alerts in a SIEM environment
● Experience using a malware sandbox
● Experience with cyber incident response
● Experience with software and OS vulnerability, CVE, patch and threat analysis
● Experience with CVEs, patch analysis, threat analysis
● Written and verbal communication at a level appropriate for customer interaction/visibility
● Bachelor’s degree in a technical discipline is strongly preferred but will look at candidates with equivalent experience
Helpful industry certifications
● CISSP, SANS GIAC (GCIA, GCIH, GCFA, GNFA), CCIE, CCNA, CEH, Security+, Network+, and other security vendor specific certs.