SOC Analyst Lead - Washington, United States - Dunhill Professional Search

Description

Job Description:
- Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) on the network and on hosts.
- Find evidence of attacks and of attackers' subsequent actions.
- Work with the team to produce effective countermeasures against the evidence found, and contribute to mitigations for future attacks of a similar nature.
- Follow Security Operations Center (SOC) policies and procedures for incident reporting and management. Create a detailed Incident Report (IR) and contribute to lessons learned.
- Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.
- Work with the SOC team to help contain intrusions.
- Generate documentation as required by the Client.

Skills
- Thorough understanding of network protocol behaviors. Ability to understand NetFlow and PCAP.
- Thorough knowledge of open-source tools to visualize PCAP data (Wireshark, tcpdump, etc.).
- Network Switches
- Network Architecture and Design
- Threat Modeling
- Malware Engineering