Close

CSOC Analyst-L3 Grade

CC Staffing International

Job Description

Job Description :
Job Description & Role:
Provide planning & analytical support to accomplish mission objectives.
Accountable for the assurance of the implementations of processes are effective and sustain on all applicable systems.
Work on a broad spectrum of Cyber security capabilities, including network intrusion detection, threat intelligence, computer forensics, penetration testing, vulnerability scanning, network. mapping, incident response, e-discovery and internal Cyber security investigations.
Perform infrastructure support, and Security Information Event Management (SIEM) engineering.
Must deliver and maintain a 24×7 global response capability and ensure timely response to investigations of security events or inquiries.
Conduct analysis using both quantitative and qualitative sources.
Experience conveying technical information to non-technical consumers.
Develop the threat intelligence groups within priorities.
Experience with developing profiles on individuals and organizations.
Work comfortably on the command line for NMAP, Metasploit, bash/sh.
Work comfortably with the Linux Operating System.
Develop, maintain and brief network maps and link diagrams.
Technology Experience:
Expert level hands-on experience in Operations for Security Information & Event Management Systems (SIEM) – IBM QRadar is a must
o System Administration & Management including version upgrade
o Log Integration
o Developing & deploying of Rules for Use Case
o Expert in Parser development
o XForce Threat Intelligence Feeds integration
o SIEM Operations Troubleshooting
o Integration of SIEM with (Email, AD, SNMP, SMTP, Incident Response Platform)
o Develop / create reports and dashboards on SIEM
Expert level hands-on experience in Operations for Security Orchestration, Automation & Response (SOAR) – IBM Resilient is an added advantage
o System Administration & Management including version upgrade
o Developing & deploying of Playbooks & Runbooks
o SOAR Operations Troubleshooting
o Integration of SOAR with (SIEM, Email, AD, SNMP, SMTP, Incident Response Platform)
o Develop / create reports and dashboards on SOAR
o Experience developing integration solutions with web service APIs using REST/JSON
o Programming / Scripting in Python or JAVA
Expert level experience in deployment of any of the two below technologies
o Threat Hunting
o Incident Forensics
o Endpoint Detection & Response
o Threat Intelligence
o Data Leak Prevention
o Knowledge of different security controls & mechanisms
Expert knowledge in the following technologies:
o Microsoft Active Directory Services
o TCP/IP Based Networking Principles
o Operating Systems (Microsoft / UNIX / Linux / MacOS)
o Network Systems / Network Security Systems (Firewalls / IPS / IDS, Proxies / Load Balancers / Routers / Switches / Tapping solutions)
Additional Requirements:
9+ professional experience in a technical leadership role including at least 5+ years of direct experience in information security required
Bachelor’s Degree in Computer Science, Cyber Security, Information Systems or Business Administration
A minimum of one of the following security related certifications: CISSP, OSCP, OSEE, CEH, NIST, GSEC or CompTIA Security+ required
Excellent written and verbal communication skills, ability to effectively coordinate multiple priorities in a dynamic environment, strong analytical and negotiating skills, and excellent organization and interpersonal skills required
Knowledgeable in Windows Domain, network and multi-tier application architectures
Full stack understanding of end-to-end application communications
Familiar with tools such as Nessus, Burp Suite, Linux, vulnerability management tools
IPv4/6 and associated security measures
Security software countermeasures
Ability to work both independently as well as part of a geographically dispersed integrated team
Ability to balance multiple priorities in a fast-paced, highly collaborative, frequently changing, & sometimes ambiguous environment
Expert level knowledge of how to use network management tools & packet captures to resolve operational issues
Familiarity with industry standard network management tools and common application traffic flow patterns in multi-tiered applications
solid understanding of what comprises a scalable, robust, supportable design for SIEM & SOAR
Experience with networking, network protocols, and security infrastructures
Diversified experience with the implementation of enterprise security technologies, including anti-virus, anti-malware, DLP, IDS/ IPS, vulnerability scanners, configuration management and encryption required
Working knowledge of the penetration testing methodology and cyber security analysis.
Working knowledge with NMAP, vulnerability management tools, networking fundamentals, Internet research and Microsoft Windows & non-MS OS administration

To apply for this job please visit www.monstergulf.com.

Leave a comment
scroll to top