Gray Tier Technologies

SIEM Content Developer

Gray Tier Technologies, Little Ferry, New Jersey, US 07643


PRIMARY RESPONSIBILITIES:

Experience creating and implementing custom IOCs and IOAs in CrowdStrike

Experience triaging and investigating hosts using CrowdStrike

Experience updating McAfee AV signatures

Experience creating and maintaining custom Tanium packages that collect artifacts for continuous monitoring

Provide recommendations for tuning and/or triaging notable events

Perform critical thinking and analysis to investigate cyber security alerts

Analyze network traffic using enterprise tools (e.g. full PCAP, firewall logs, proxy logs, IDS logs)

Collaborate with team members to analyze an alert or a threat

Stay up to date with the latest threats and be familiar with APT groups and common TTPs

Use OSINT to enrich and pivot on indicators in order to identify malicious activity

Experience with dynamic malware analysis

Experience analyzing network traffic and correlating diverse security logs to recommend response actions

Apply the Cyber Kill Chain to reconstruct the entire attack life cycle

Review and provide feedback to junior analysts' investigations

Participate in discussions to make recommendations on improving SOC visibility or process

Contribute to SOP development and updating

Provide expert guidance and mentorship to junior analysts

MUST HAVE ONE OF THE FOLLOWING J3 CERTIFICATIONS:

SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, or GISF

EC-Council: CEH, CHFI, LPT, or ECSA

ISC2: CCFP, CCSP, or CISSP; CERT: CSIH

Offensive Security: OSCP, OSCE, OSWP, or OSEE

REQUIRED EDUCATION/EXPERIENCE:

All Tier 2 analyst candidates shall have a minimum of a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS eight (8) years of experience in incident detection and response, malware analysis, or cyber security.
