Analysis of network data (packets, logs) and endpoint data (logs, malicious artifacts) in both structured and unstructured methods
Analysis of malware (executables, scripts, etc.) to determine indicators of compromise, and create signatures for future detection of similar samples
Creating Threat Hunting Playbooks and Use Cases to proactively identify threats affecting clients' networks
Participating in exercises that simulate attacks to determine the responsiveness of processes and procedures
Creating a feedback loop with security control owners to help tune systems based on the results of investigations
Acting as a high-tier escalation point for security incidents, providing technical expertise to the incident response process
Developing content within tools to detect anomalous activity (SIEM content, custom signatures, etc.)
Identifying and understanding new environments and tooling
Required Skills:
5+ years of cyber security experience, including the following:
Fundamental understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP, ICMP, etc.), and comfort analyzing packet capture (pcap) files in tools such as Wireshark
Fundamental understanding of digital forensics as applied to host-based forensics, memory forensics, network forensics, and cloud forensics
Knowledge of operating system internals (virtual memory, paging, etc.) and techniques employed by malware to evade detection
Experience in Threat Hunting and/or Reverse Engineering malware
Ability to translate complex technical concepts into plain English for non-technical audiences
Preferred Skills:
Industry certifications such as CISSP or GCIH
Undergraduate degree
Employment type: Contract
Job function: Analyst
Industries: Insurance
Referrals increase your chances of interviewing at BayOne Solutions by 2x