Job Profile: Threat Detection
Job location: San Antonio,TX
Job Description:
Technical knowledge to write & develop rules for CIRT analysis, experience on ELK stack, Fireeye HX, Sysmon, Winlogbeat, CI-CD pipeline.
Deep understanding of cyber threat actor attacker techniques and tools (such as malware, common attack types) including evasion techniques, reconnaissance, scanning, exploitation, evasion, lateral movement, persistence, and exploits), proficient with MITRE Telecommunication&CK
Deep understanding of security operations center processes, tools, and data for analysis & control mitigations, security event timeline analysis and baselining with experience in the analysis of logs and data for the development and implementation of custom detections to counter attacker techniques, known vulnerabilities and evasion methods
Security architecture (network topology, firewalls, proxies, web content filtering, wireless, EDR, IDS, IPS, SIEM, SOAR, etc.)
Network data sources (full packet analysis, flow data, dns logs, proxy logs, NIDS, etc.)
Knowledge and experience with common scripting languages and tools Python, PowerShell, Bash, YAML
Deep knowledge of compound logical operations (AND, OR, NOT), regular expressions
Experience extracting data from logs, SQL, and APIs
Knowledge and experience with tools used to build threat detections (Elastalert, Logstash, Kibana (ELK), Fireeye HX, Sysmon, Winlogbeat, Linux Auditd)
Deep understanding and experience with Operating Systems Including: Administration, configuration, registry, processes (Windows, Mac, and Linux)
Experience in red team/blue team/incident responder interactions
Understanding of CI/CD pipelines
Experience with source control tools (Git)
Regards
Shubham Chandra
Sr. US IT Recruiter
Diverse Lynx LLC |300 Alexander Park|Suite #200|Princeton , NJ 08540
Office: +732-452-1006 Ext330
Email: shubham.chandra@diverselynx.com | URL: http://www.diverselynx.com
Last updated on Aug 30, 2023