Monitor alerts across Security Stack and provide advanced detection and response
service through security event analysis review.Perform incident response and basic malware analysis to investigate incidents.Help navigate staff from incident response triage into the incident response process if
findings are substantiated.Work with the senior security engineers and analysts in fine-tuning the security systems
removing any false positive alarms.Maintain current knowledge of tools and best practices in forensic and incident response
and develop an understanding of advanced persistent threats, including tools, techniques,
and procedures of attackers.Lead security vulnerability management program recommending best practices/solutions
to address vulnerabilities, secure hosts, applications, databases, and network
technologies.Strengthen Security operations monitoring by extracting data from threat intelligence and
develop understanding of adversary TTPs.Monitor the performance of security solutions to identify and bring to attention breaches
and potential intrusion incidents.Monitor security logs and alerts from various sources, including intrusion detection
systems, Endpoint Detection and Response (EDR) systems, and security information and
event management (SIEM) tools.Investigate and analyze security incidents, identify root cause, and develop appropriate
mitigation strategies.Execute security response actions, including full remote remediation of endpoints.Perform threat hunting and proactive analysis to identify potential security risks and
vulnerabilities.Implement security frameworks including CIS Benchmarks, ASD essential 8 on systems.Handle cyber security incidents in conjunction with the existing service providers from
detection through to completion, including maintaining incident response documentation, postmortem
root cause analysis, writing incident reports, and providing lessons learned and
enhancements required.TECHNICAL PROFICIENCY: One of these following certifications: CISSP (Certified
Information Systems Security Professional), CISM (Certified Information Security Manager)
or CCISO (Certified Chief Information Security Officer). Technical understanding of digital
forensics and incident response in accordance with NIST standards. Experience working and
designing solutions that meet compliance standards for NIST, ISO, CMMC, PCI, and DOD
regulatory controls. Advanced proficiency with Microsoft Office products, including Word,
Outlook, PowerPoint, and Excel. #J-18808-Ljbffr