Cybersecurity Operations (SecOps) Analyst [Incident Response & M365]
Role Responsibilities:
- Conduct threat analysis, assessment, and malware triage in support of security investigations
- Provide first/second level security support, monitor alerts, handle incidents and service requests
- Coordinate remediation and restoration efforts
- Record identified vulnerabilities, create remediation tickets and track their status
- Recognize and research attacker tools, tactics, and procedures (TTPs) in indicators of compromise (IOCs) that can be applied to current and future investigations
- Build internal scripts, tools, and automation processes to enhance detection and response capabilities
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related degree.
- 2-4 years of experience in one or more areas: Security Operations, Incident Response, Information Security Technology, etc.
- Strong understanding of security concepts and threat categories (such as malware, phishing attacks, Defense-in-Depth, MITRE ATT&CK framework, etc.)
- Working experience with security tools such as SIEM, EDR, firewalls, IDS/IPS, anti-spam, content management, server and network device hardening, etc.
- Strong knowledge of Windows, Linux and/or Mac OS and comfortable with looking at, understanding, and investigating Security Event logs.
- Good knowledge of networking protocols (SMTP, HTTP, HTTPS, FTP, DNS, DHCP, etc.).
- Experience with any query language and scripting language
- SharePoint, Excel, JIRA and/or Microsoft Office skills
- Experience in using security orchestration, automation, and response tools
- Experience with query languages and scripting languages
- Strong knowledge and experience working with M365 Security tools, Azure, AWS, GCloud