Position Title: Sr. Threat Monitoring Analyst
Location: Raleigh, NC
Status: Green Card/US Citizen
Clearance: Ability to obtain Public Trust
Client requires a dedicated supplemental resource to support Cyber Threat Intelligence Center operations in the role of a Mid-level Threat Monitoring Analyst. This resource will be part of a Cyber Threat Intelligence team responsible for the collection and analysis of enterprise cyber security data from multiple sources.
Duties & Responsibilities
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering. Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning, testing, and liaison activities; and supports secure systems operations and maintenance.
Plans, executes, and delivers SOC Transformation services
- Candidate should possess three years of experience in SOC Transformation and operational delivery of monitoring and incident response services
- Works with program management to define the schedule for the engagement
- Creates business and functional/design requirements documents; oversees the creation of, and tests, the processes, workflows, plans, and run books
- Identifies key deliverables and manages the project operations from a day-to-day perspective
- Provides weekly updates to program management
- Demonstrated hands-on experience developing content in enterprise SIEM platforms
- Administration, architectures, and security elements
- Good communication skills
- Demonstrated customer service skills
- Must be flexible with working different shifts.
Desired Qualifications
- Incident handling experience
- Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, FPC), and other attack artifacts in support of incident investigations
- Knowledge of adversary activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
- Advanced understanding of networking, system
- UNIX/Linux command line experience
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
- Demonstrated experience with the LM-CIRT or a similar Computer Incident Response organization
- Experience with malware analysis concepts and methods.
Equal Opportunity Employer M/F/D/V