VantageLinks is a dedicated Information Technology (IT) staffing company supporting our clients with all their IT needs. We currently have an opening for a Security Threat Specialist II with one of our premier clients.
THIS IS A DIRECT ROLE WITH OUR CLIENT. WE ARE UNABLE TO ACCEPT H1B CANDIDATES AND PLEASE NO STAFFING AGENCIES.
Responsible for coordinating with the InfoSec team and a trusted third-party provider on Threat Detection & Response activities, managing Incident Response procedures from Preparation through Root Cause Analysis, Lessons Learned, and Closure. Researches, communicates, and prepares remediation guidance on current threats and vulnerabilities. This position involves additional support requirements such as 24-hour on-call coverage for high-severity security incidents. Although travel is usually planned in advance, issues can arise that warrant immediate travel to one or more satellite locations.
Essential Functions Statement(s)
- Lead research, analysis, and response for all security-related alerts through the complete Incident Response life cycle, including effective and timely escalation and communication
- Perform SIEM monitoring, query, analysis, tuning, and reporting as well as deeper anomaly analysis involving network traffic, IDS/IPS/DLP events, packet captures, and FW logs
- Develop advanced queries, correlations, and alerts to detect adversary actions as needed
- Provide forensic analysis of packet captures, internal/external DNS, NetFlow, Endpoint Protection logs, and logs from various types of security sensors and control systems
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts including response and investigation efforts into advanced persistent threats
- Compile detailed investigation and analysis reports for upstream Incident reporting
- Analyze and evaluate effectiveness and compliance of security control technologies relative to current and forecasted malicious threat landscape
- Perform Root Cause Analysis of security incidents for further tuning and improvement of detection and response effectiveness
- Perform regular updates of existing playbooks based on changes in the threat landscape or upon discovery of new threat tactics, to improve Incident Response procedures
• Organization - Adequately plan, organize, communicate, and execute an array of activities from simple tasks and complex projects to deliver results in a timely and fiscally responsible manner with personal accountability.
• Interactions With Others - Must be a team player who interacts well with other members of IT and other company associates. Must seek out and share information and develop trust and rapport with coworkers at all levels in the organization.
• Interpersonal Skills - Focuses on solving conflict, not blaming; Maintains confidentiality; Listens to others without interrupting; Keeps emotions under control; Remains open to others' ideas and tries new things. Social skills are essential.
• Judgment - Displays willingness to make decisions; Exhibits sound and accurate judgment; Supports and explains reasoning for decisions; Includes appropriate people in decision-making process; Makes timely decisions.
• Motivation - Sets and achieves challenging goals; Demonstrates persistence and overcomes obstacles; Measures self against a standard of excellence; Takes calculated risks to accomplish goals.
• Oral Communication - Speaks clearly and persuasively in positive or negative situations; Listens and gets clarification; Responds well to questions; Participates in meetings.
• Teamwork - Balances team and individual responsibilities; Exhibits objectivity and openness to others views; Gives and welcomes feedback; Contributes to building a positive team spirit; Puts success of team above own interests; Able to build morale and group commitments to goals and objectives; Supports everyone's efforts to succeed.
• Written Communication - Writes clearly and informatively; Edits work for spelling and grammar; Varies writing style to meet needs; Presents numerical data effectively; Able to read and interpret written information.
• Working Relationships - Ability to obtain and make appropriate use of equipment, facilities, materials, and personnel.
• Accuracy - Ability to perform work accurately and thoroughly.
• Active Listening - Ability to actively attend to, convey, and understand the comments and questions of others.
• Initiative - Ability to make decisions or take actions to solve a problem or reach a goal.
SKILLS & ABILITIES
Bachelor's degree (minimum) or equivalent experience; Certified Cyber Threat Analyst (CCTA) or GIAC Cyber Threat Intelligence (GCTI) certification, or equivalent experience, required.
- 4-7 years' experience in Cybersecurity Operations.
- 3-5 years' direct experience in Incident Response.
- Significant Information Security Domain knowledge, Forensic Analysis/Research skills, and Functional Networking knowledge and skills required.
- IT Functional Windows/UNIX Administration & Hardening experience preferred.
- Experience with configuration of various security controls, current SIEM platforms, Anti-Malware/Endpoint Protection, Active Directory, IDS/IPS/Firewall, TCP/IP, and PCAP analysis; RegEx, Python, and PowerShell skills are highly desirable.
- Must be self-motivated, team oriented and possess strong communication and interpersonal skills.
- Candidate should possess strong organizational skills, be detail oriented, and self-motivated with a demonstrated ability to problem solve.
- Strong sense of urgency and strong commitment to quality customer service is required.