Cybersecurity – SOC Threat Monitoring
Our client is a young growing organization providing consulting and advisory services in cyber security, cyber intelligence and cyber defense. These services are provided for companies in a wide range of industries including financial services, health, chemical, technology & communications, manufacturing, transportation, utilities, etc. Some of the offerings they provide are architecture, engineering, transformative services, response & remediation, enterprise security testing, industrial control systems security, security assessments & strategy, SOC transformation, etc.. Due to growth, we are recruiting for several key positions including Cyber Security Operations Consultants. Selected individuals will have a growth path, an opportunity to learn and the ability to make an impact.
Work in the Philadelphia area or Lehigh Valley, PA area.
Rapidly expanding Cyber Security consulting group can offer you the opportunity to work on cutting edge Cyber Security Consulting projects with Fortune 500 companies. If your passion is cyber security design and implementation in a highly collaborative, fast paced, and agile environment across large global enterprises then this organization will appeal to you. Excellent compensation including strong bonus and excellent benefits package combined with the chance to work with the top cyber security professionals on the most advanced security systems make this an unparalleled opportunity.
Provide threat monitoring and cyber defense services
Work in a dedicated SOC environment providing 24x7x365 support with a focus on threat identification, incident response, cyber threat intelligence infusion, and mitigations to ensure defensive resiliency
Be responsible for network based defense to include monitoring of the HP ArcSight SIEM and security technologies to verify potential threat activity.\
Analyze network logs, process mitigations, determine and escalate threat, and maintain the defensive state of detection and alerting capabilities
Ability to work flexible schedules including shift work, weekends, and holidays.
Prior experience working in a Security Operations Center or similar environment providing threat monitoring, intrusion detection, analysis, threat determination, and mitigations processing and tracking.
Must be self-motivated and able to work both independently and as part of a team.
Previous experience triaging threats derived from various intakes to include security technology alerts, user reported tickets, and other internal SOC organizations.
Previous experience working with various network and system security technologies to include SIEM, data analytics platforms, end-point tools, network technologies and appliances, etc.
Experience working across organizational lines of business to implement mitigations, remediation’s, and countermeasures resulting from cyber threat intrusions.
Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
Previous experience working with and documenting analysis results in a knowledge or intelligence management system.
Knowledge of industry recognized analysis frameworks (Diamond Model, Kill Chain, NIST Incident Response, etc.).
Bachelor’s Degree in an IT related field and/or equivalent work experience.
Relevant certifications (Security +, CISSP, GCIA, GCIH, GISF, GCED, GMON, etc.)
Previous experience working in Security Operations Centers.
Hands on experience working with Incident Response and Cyber Threat Intelligence functions.
Previous experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
Previous experience working with various SIEM technologies, HP ArcSight preferred but other SIEM experience such as Splunk ES, IBM QRadar, and/or McAfee Nitro also applicable.
Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
Previous experience supporting cyber defense analysis of Operational Technology (OT) Networks to include Integrated Controls Systems (ICS), SCADA, and Process Control Networks (PCN).
Travel Requirements: 25% to 40% to client locations primarily in the Philadelphia area presently.