Principal Cyber Defense Ops Specialist

• Conducting network forensics, log analysis, and malware triage in support of incident response investigations
• Utilizing current and future tools to perform hunting for complex insider and outsider threats
• Analyzing vulnerability assessment and penetration testing results to help identify stealthy threats and drive remedial action of critical threats
• Supporting proactive deep malware analysis, and recommending defensive actions to effectively defend against malware related attacks
• Recommend how to optimize security monitoring tools based on threat hunting discoveries
• Facilitating the evaluation, selection and implementation of supporting SOC systems and tools
• Helping develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
• Exercising analytical skills and knowledge of supervision regulations

• 7 or more years of progressive security industry experience
• Demonstrated understanding of various operating systems (Window, Unix, Linux, AIX, etc) with an emphasis on Security Operations
• Hands on experience with: Security Information and Event Management Tools (QRadar, Arcsight, Splunk, etc.)
• Intrusion Prevention Tools
• Database Security Tools (Guardium)
• Data Loss Prevention Tools (Symantec, Websense, etc.)
• Firewalls (Cisco, Palo Alto, Check Point etc.)
• Application Security Tools
• Vulnerability tools
• Cyber Security Incident Response
• Network Intrusion Detection Systems (SourceFire, McAfee, etc.)
• Host Intrusion Detection Systems
• Packet Capture tools
• Experience with threat taxonomies, models (e.g. MITRE ATT&CK), and Indicators of Compromise (IOCs)
• Experience with one or more scripting language (Bash, Python, Perl, PowerShell, etc.)
• Experience with malware reverse Analyzing and tools such as IDA Pro, OllyDbg, PEID etc.
• Knowledge of Advanced Persistent Threat (APT) actors and associated tools, techniques, and procedures (TTPs)
• Excellent oral and written communications skills
• Strong analytical and critical thinking skills
• Self-motivation with the ability to work under minimal supervision
• Experience with computer security incident handling, coordination and response
• Knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques

A combination of relevant industry certifications including, but not limited to CISSP, GREM, GCIH, GCIA, CEH, GCED, CISA, etc

• comprehensive medical, dental and vision coverage
• retirement benefits
• maternity/paternity leave
• flexible work arrangements
• education reimbursement
• wellness programs
• competitive pay
• opportunity to earn an annual discretionary bonus