Lead / Cybersecurity (Threat Detection & Response Analyst) Engineer
Remote
• Conduct real-time analysis using SIEM, cloud, endpoint and network-based technologies and other security analytics tools, with a focus on identifying security events and distinguishing them from false positives.
• Correlate intelligence to develop a deeper understanding of tracked threat activity.
• Apply basic threat hunting techniques to pivot from given information to known attack patterns, malicious code families, tracked threat groups and other historical information.
• Pivot through open-source and internal frameworks for related data associated with potentially malicious Indicators of Compromise (IoCs) and Indicators of Attack (IoAs).
• Triage potentially malicious binaries and other types of malware; familiarity with basic to intermediate static and dynamic analysis techniques is required.
• Prepare and report risk analysis and threat findings to the appropriate stakeholders.
• Create, recommend, and assist with the development of new security content resulting from hunt missions, including signatures, alerts, workflows, and automation.
• Coordinate with different teams to improve threat detection and response and the overall security posture of the Enterprise.
• Script basic tasks in high-level scripting languages such as Python or PowerShell.
• Develop Threat Detection & Response Playbooks, Standard Operating Procedures, the Amtrak ITSM Cyber Incident Management and Handling Playbook, and Non-Cyber & Physical Incident Playbooks.