SOC Incident Response / Tier 2 Specialist (senior)
Company: CyberData Technologies
Posted on: October 14, 2020
Title: SOC Incident Response Tier 2 Specialist (senior)
Location: Rockville, MD (50% remote after 90 days)

CyberData Technologies Inc. is currently hiring an experienced Incident Response specialist with cyber security policy assessment experience for our federal client located in Rockville, MD. The Incident Response Specialist will be tasked with a variety of assessment and analysis duties, including SOC/IR Engineer. Job functions will be split 70% SOC Engineer and 30% SOC Analyst work.

Required:
- Strong analytical and investigation skills; active threat hunting and adversary tracking.
- Experience with IDS/IPS technologies such as SourceFire and Palo Alto Firewalls. Candidate should be familiar with rule sets, monitor IDS/IPS events, and monitor IDS/IPS functional operational status.
- Experience with FireEye technologies, such as NX, HX, AX.
- Experience with various EDR solutions.
- Experience with troubleshooting in an Active Directory environment.
- A solid understanding of Windows 2012/2016 Server, Windows 7/10, the Microsoft registry, remote administration, and other MS products.
- Experience with the Enterprise Incident Response Cycle: Preparation, Detection and Analysis, Containment and Recovery, Post-Incident Analysis.
- Solid experience with TCP/IP protocols and ports.
- SOC analysis and SIEM experience with Splunk. Candidate should be able to write basic Splunk queries, create dashboards and reports, and be familiar with Splunk Enterprise Security (ES).
- Experience with sniffers, packet capture and netflow tools, including Wireshark (required). Candidate should be able to efficiently gather and analyze data with these tools to detect potential IT security incidents, identify indicators of compromise, and troubleshoot network events.
- Experience in Information Security and with the use of security devices.

Desired:
- Write custom scripts using Python (preferred) and PowerShell to automate certain tasks.
- Candidates with Splunk certifications are preferred (i.e. Power User, Admin, etc.).
- IPv6 experience a plus.
- Preferably firewall and ACL experience.
- Experience with NetWitness a plus.

CyberData Technologies, Inc., is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.