Direct End Client - Forensic Analyst / IT Security Analyst V - Remote

Posted on DailyRemote 6 days ago. United States. Salary undisclosed.

Job Description

Title: Forensic Analyst / IT Security Analyst V

Location: Glendale, AZ - 100% Remote

Duration: Long term contract

Description:

The successful candidate will be required to analyze indicators to generate actionable intelligence and insight into current threats. He or she will help enhance our capabilities by formulating new analytic techniques and working across teams to drive the supporting capabilities. A deep understanding of current APT actors and TTPs, as well as experience performing question-driven analysis, is required. Candidates should have a solid grasp of network and host-based indicators and how to best use them. He or she should be able to script and help automate recurring tasks to improve the overall effectiveness of the team. An understanding of operating system internals will be an asset.

Knowledge, Skills and Abilities

Required:

  • Strong knowledge of recovering data from damaged or erased hard drives, tracing hacks, gathering and maintaining evidence, and writing and reviewing investigative reports.
  • Understanding of legal standards that guide criminal investigations.
  • Ability to work across a variety of technologies
  • Strong foundation in cloud-native investigative techniques and incident response methodologies
  • Strong understanding of authentication technologies and connectivity concepts
  • Experience with network, operating system, and application security tool sets
  • Firm understanding of cloud service models and the shared responsibility model (IaaS, PaaS, SaaS) across public cloud CSPs (AWS, Google Cloud Platform, Azure)
  • Experience in analyzing cloud provider logs (e.g. CloudTrail, Stackdriver, Azure Monitor Logs) to identify and respond to security events
  • Strong analytical, written, and verbal communication skills
  • Able to work with a changing schedule that includes standard or non-standard business hours of work
  • Ability to weigh business needs against security concerns and articulate issues to management
  • Solid understanding and technical expertise in security architecture

Education, Certifications and nice to haves:

  • BS degree in Computer Science, MIS, Computer Engineering, or 8+ years equivalent technology experience
  • 6+ years of work experience in a Security Operations or equivalent role
  • 4+ years of hands-on experience in responding to threats in public cloud (AWS, Google Cloud Platform, Azure)
  • 6+ years of experience with tracking APT groups and other high-grade threats
  • 6+ years of experience in system, network, and/or application security
  • 6+ years of experience building automation
  • 6+ years of experience with SQL or other query languages

Preferred:

  • Splunk ES (Security)
  • Splunk UBA
  • Splunk Phantom
  • GCIH Certification