Cyber Security analyst- Threat detection

Posted: 12 days ago. Location: United States. Salary: undisclosed.

Job Description

Hi, hope you are doing well. We have an opportunity for a Cyber Security / Information Security engineer. If you are interested, please reply to me with your updated resume at mailto, or you can reach me on LinkedIn: https://www.linkedin.com/in/megha-morwal-7a920a15a

Designation: Cyber Security engineer, Information Security, Threat detection operation
Experience Required: 4 to 10 Years
Company Name: TTNI (TT Network Integration US, Inc.)
Rate: 45 to 60/hr max (negotiable)
Contract: Long term, 6+ months to a year
Location: Plano, TX (initially remote, but requires onsite once the situation gets better)

Job Description and Responsibilities

The Threat detection operation role creates detection logic tailored to the enterprise threat landscape using industry-specific intelligence and developed use cases. Maintains a data source catalog containing information on indicators, correlations and existing detection logic. Works closely with the Incident Detection team to ensure monitoring is in place for quick detection of IOCs. Also works with Security Engineering on onboarding new data sources and with Cyber Threat Intelligence (CTI) personnel on the development of relevant use cases across the various networks of our ecosystem.

KEY RESPONSIBILITIES

- Experience in threat hunting utilizing IOCs and statistical and anomaly analysis.
- Experience applying IOCs and current trends identified via Cyber Threat Intelligence to threat hunt in enterprise environments.
- Develop use cases and create threat detection logic, rules, and alerting in the SIEM for response by IR analysts.
- Work with Incident Detection and Response to identify and recommend new internal and external data sources to develop additional threat detection logic.
- Analyze threat information gathered from logs, intelligence reports, vendor sites, and a variety of other sources, and recommend rules and other process changes to protect against the same.
- Operationalize IOCs from various sources, including past and present incidents, by developing, testing, and deploying monitoring and alerting rules into the SIEM or other applicable monitoring and alerting platforms.
- Enhance and provide training to operations members.
- Manage threat hunting related communication with our affiliates.
- Assist affiliates and the group to improve cybersecurity maturity and strengthen cybersecurity posture.

MINIMUM QUALIFICATIONS

- BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems, or comparable training/experience required.
- 3+ years of experience in one or more of the following areas: offensive/defensive hunt techniques, offensive zero-day exploit activities, malware identification methods.
- 2+ years of experience leading a team and mentoring team members.
- Experience with content development and dashboard tuning.
- Expert knowledge of network monitoring and network exploitation techniques.
- Experience with common attack vectors, including advanced adversaries (nation state/financial motivation).
- Knowledge of common web application attacks, including SQL injection, cross-site scripting, invalid inputs and forceful browsing.
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and to learn and adapt quickly.
- Ability to learn and operate in a dynamic environment.
- Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB.
- Strong written communication skills.
- Experience working with cyber security tools and software such as Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets.