Our client is a young growing organization providing consulting and advisory services in cyber security, cyber intelligence and cyber defense. These services are provided for companies in a wide range of industries including financial services, health, chemical, technology & communications, manufacturing, transportation, utilities, etc. Some of the offerings they provide are architecture, engineering, transformative services, response & remediation, enterprise security testing, industrial control systems security, security assessments & strategy, SOC transformation, etc.. Due to growth, we are recruiting for several key positions including Cyber Security Operations Consultants. Selected individuals will have a growth path, an opportunity to learn and the ability to make an impact.
Work in the Philadelphia are or remotely from home.
SOC Operations provides the opportunity to work in dedicated network defense environments with focus on threat identification, incident response, cyber threat intelligence infusion, and mitigations to ensure defensive resiliency. The threat monitoring role is primarily responsible for network defense to include monitoring of the SIEM and security technologies to verify potential threat activity. In this role, candidates will serve as Subject Matter Experts, guiding clients in their efforts to refine and improve investigative and communication workflows. Daily activities will include providing expert guidance to clients in their analysis of network logs, processing of mitigations, and determination and escalation of threat detections. Successful candidates will help maintain the defensive state of detection and alert capabilities for clients during this process and will be expected to work collaboratively in a teaming environment with various touchpoints, handoffs, and continuous prioritization.
• Experience working in a Security Operations Center or similar environment providing threat monitoring, intrusion detection, analysis, threat determination, and mitigations processing and tracking.
• Hands-on experience in performing Incident Response and Cyber Threat Intelligence functions.
• Previous experience triaging threats derived from various intakes to include security technology alerts, user reported tickets, and other internal SOC organizations.
• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Experience working across organizational lines of business to implement mitigations, remediations, and countermeasures resulting from cyber threat intrusions.
• Experience deploying Fidelis to egress points, data centers and remote sites.
• Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
• Ability to successfully communicate and transfer knowledge to provide clients with self-sustainable threat security programs.
• Previous experience working with and documenting analysis results in a knowledge and/or intelligence management system.
• Previous experience working with various network and system security technologies to include SIEM (such as Splunk ES, Securonix, IBM QRadar, HP ArcSight, and/or McAfee ESM/Nitro), data analytics platforms, endpoint tools, network technologies and appliances, etc.
• Experience with integrating industry-recognized network defense frameworks (e.g., MITRE ATT&CKTM, Lockheed Martin Cyber Kill Chain®, Diamond Model, etc.) into network defense processes.
• Ability to evangelize security concepts to a wide audience and influence decision-making processes.
• Strong communication (both verbal and written) and client intimacy skills with experience briefing corporate executives and professionals
• Must be self-motivated and able to work both independently and as part of a team.
• Bachelor’s Degree in an IT related field and/or equivalent work experience
• Master’s Degree in Cyber Security or IT-related field.
• Certifications: CISSP, GCIH, GCFA, GCFE, GMON, GSEC, or other relevant security certifications.
• Provide input, guidance and direction on the overall market offering(s) related to SOAR and play an active role in evangelizing, building and developing our portfolio.
• Experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
• Knowledge of security best practices in hardening and protecting networks, servers, endpoints, applications, and databases.
• Project Management experience, including a deep understanding of the client’s environment, the overall project scope, work plans, milestones, and engagement schedules.
• Experience in managing cyber security functions, strategy, and risk within Fortune 500 companies, or providing those services in a consulting capacity.
• Knowledge of industrial control systems, compliance standards (e.g., NERC CIP), and related cyber security standards (e.g., IEC 62443).