SOC Analyst Lead - Washington, United States - Dunhill Professional Search

    Dunhill Professional Search
    Dunhill Professional Search Washington, United States

    Description

    Job Description:

    • Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in network and on host.
    • Find evidence of attack, and attackers' actions thereafter.
    • Work with the team to produce effective countermeasures against the evidence found, and contribute to mitigations for future attacks of a similar nature.
    • Follow Security Operations Center (SOC) policies and procedures for incident reporting and management. Create a detailed Incident Report (IR) and contribute to lessons learned.
    • Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.
    • Work with SOC team to help contain intrusions.
    • Generate documentation as required by the Client.
    • Thorough understanding of network protocol behaviors; ability to interpret NetFlow and PCAP data.
    • Thorough knowledge of open-source tools to visualize PCAP data (Wireshark, TCPDump, etc.).

    Skills

    • Network Switches
    • Network Architecture and Design
    • Threat Modeling
    • Malware Engineering