
Defensive Security Analyst

Manages SOC systems to detect, contain, and eradicate threats. Develops detection strategies, performs forensics and hunt operations, requiring SOC experience, scripting skills (Python, PowerShell, Bash), and TS/SCI clearance.

Washington, DC | Security Engineering | Onsite

About the role

Core Responsibilities

  • Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
  • Develop alerting and detection strategies to identify malicious or anomalous behavior.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  • Develop novel defensive techniques to detect or counter changes in adversary tactics and techniques.
  • Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
  • Perform enterprise-wide hunt operations to uncover sophisticated, previously undetected threats.
  • Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.
  • Provide supporting expertise for incident response and digital forensics evidence preservation, including the capture and preservation of system logs, volatile memory, and disk images (physical or virtual).
  • Conduct host forensics, network forensics, log analysis, and malware triage in support of hunt operations.
  • Interface with client contact(s) and staff in a constructive and professional manner.
  • Utilize common forensic and incident response tools.

What We Value

  • Knowledge of operating and maintaining a SIEM.
  • Knowledge of cloud architectures, particularly AWS.
  • Experience in penetration testing.
  • Ability to quickly learn new technologies and have an ongoing desire to stay current with the latest technologies.
  • Ability to train others on the use of forensic and incident response techniques and tools.

What We Require

  • TS/SCI Clearance.
  • Established experience operating in a SOC environment, demonstrated through relevant work experience or qualifications.
  • Experience with programming or scripting languages such as PowerShell, Python, and Bash.

Skills

SIEM, AWS, PowerShell, Python, Bash, Incident Response, Digital Forensics, Malware Analysis, Log Analysis, Penetration Testing

Product Security Engineer

Product Security Engineer driving threat modeling, secure code review, open-source security, SDLC tooling, and bug bounty management for Vercel's web platform built on Next.js and Node.js. Requires 5+ years securing web products with strong JavaScript/Node.js and cloud security expertise.

United States | Security Engineering | Remote | 5+ YOE | SAST | DAST

IT Security Operations Engineer

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190k | San Francisco, CA | Security Engineering | Hybrid | 4+ YOE | Go | DLP

Security Engineer

Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.

150k – 200k | New York, NY | Security Engineering | On-site | 5+ YOE | CDK | IAM

Security Engineer II

Security Engineer II responsible for monitoring security alerts, responding to incidents, administering enterprise security tools, and supporting cloud and identity security initiatives. Requires 3+ years in cybersecurity or related fields with strong scripting and troubleshooting skills.

105k – 150k | Los Angeles, CA | Security Engineering | On-site | 3+ YOE | AWS | macOS

Security Engineer II

Security Engineer II responsible for monitoring and responding to security alerts, administering enterprise security tools, supporting vulnerability and IAM programs, and securing cloud environments. Requires 3+ years in cybersecurity or related fields and scripting experience.

115k – 160k | New York, NY | Security Engineering | On-site | 3+ YOE | AWS | macOS