Cyber Security Analyst

Responsibilities:

• Analysis of network data (packets, logs) and endpoint data (logs, malicious artifacts) in both structured and unstructured methods
• Analysis of malware (executables, scripts, etc.) to determine indicators of compromise, and create signatures for future detection of similar samples
• Creating Threat Hunting Playbooks and Use Cases to proactively identify threats affecting client's networks
• Participate in exercises to simulate attacks and determine responsiveness of processes and procedures
• Creating a feedback loop with security control owners to help tune systems based on the results of investigations
• Acting as a high tier escalation point for security incidents to provide technical expertise to the incident response process
• Develop content within tools to detect anomalous activity (SIEM Content, Custom Signatures, etc.)
• Identify and understand new environments and tooling

Required Skills:

5+ years of Cyber Security experience which includes the following:

• Fundamental understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP, ICMP, etc.), and be comfortable analyzing packet capture (pcap) files in tools such as Wireshark
• Fundamental understanding of digital forensics as applied to host-based forensics, memory forensics, network forensics, and cloud forensics
• Knowledge of operating system internals (virtual memory, paging, etc.) and techniques employed by malware to evade detection
• Experience in Threat Hunting and/or Reverse Engineering malware
• Translate complex technical concepts into plain English for consumption by non-technical audiences

Preferred Skills:

• Industry certifications such as CISSP or GCIH
• Undergraduate degree