Job description
- 1+ years of experience supporting enterprise EDR solutions, including Carbon Black EDR, SentinelOne, FireEye HX, McAfee, Tanium, etc.
- 1+ years of experience working in a Security Operations Center (SOC) environment, leveraging EDR tools (CrowdStrike Falcon experience is a plus) to support incident response, vulnerability scanning, threat hunting, network monitoring and log management, and compliance management activities
- Experience with deployment of an EDR solution in a customer environment
- Ability to provide content on deliverables, including written reports and technical documents, SOPs and configuration guides, and training and briefing materials
- Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks
- Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTPs (tactics, techniques, and procedures) used by threat actors
- Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.)
- Understanding of incident response methodologies and reporting
- Experience using ticketing systems for tracking (JIRA, Remedy, ServiceNow, etc.)
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
Preferred Qualifications
- Experience with triaging security events in a SOC environment and leveraging data collected from enterprise security solutions
- Experience providing support in a Tier I or II IT operations and maintenance role, including ticket work-information updates, issue responses, and remediation
- Knowledge of federal information security policies, standards, procedures, directives, frameworks, federal security authorizations, assessment, and risk management processes for enterprise systems
- Ability to integrate cybersecurity data using enterprise or custom data aggregation and analysis tools, including Splunk
- EDR Vendor Certification - CrowdStrike Falcon (is a plus)
- Experience performing triage/incident response in enterprise environments
- Experience performing forensic analysis of logs and packet captures to identify malicious artifacts
- Higher-level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GNFA, OSCP)
- Research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
- A mentoring/leadership background including mentoring other analysts and orchestrating team efforts for problem solving
- Ability to manage projects to completion both individually and in a group
- Possession of excellent written and verbal communication skills
- Bachelor’s degree
Job Type: Contract
Pay: $55.00 - $60.00 per hour
Schedule:
- 8 hour shift
Experience:
- Linux: 1 year (Preferred)
- Cybersecurity: 1 year (Preferred)
- Information security: 1 year (Preferred)
Work Location: Remote
Speak with the employer
+91 7448743899