Job
Description
Essential Responsibilities Ability to apply thorough and methodical assessment skills to analyze and properly triage reported events and incidents • Possess excellent and thorough communication and documentation skills • Ability to work collaboratively in a team of professionals sharing workload and investigation assignments in a fast-paced environment • Ability and willingness to provide (when necessary) afterhours (night and weekend) support for security related incidents as needed • Maintain skills through annual and ongoing training and certification • Performs analysis to determine scope, risk, and impact of security events leveraging the MITRE ATT&CK framework and other best practices • Identifies supporting information for events including attack vectors, effected resources, effected profiles, and other supporting evidence • Properly and thoroughly document event findings, evidence, analysis steps, and create after action reports and recommendations if needed • Identifies and applies mitigation controls (where possible) to remediate alerts • Engages appropriate levels of management to provide updates to any ongoing security issues • Provides updates to team guidance and other central documentation Job Qualifications List of minimum education and minimum years of experience, level of knowledge, skills, abilities, licensures, certifications and other job-related requirements that must be met to be considered for a position. GCC's cannot hire candidate's that do not meet all of the minimum qualifications. Fewer minimum qualifications and more preferred qualifications broadens the applicant pool. Minimum Qualifications Bachelors degree in Information Technology, Computer Science, or a related field, and a minimum of 3 years experience in Cyber Security •Additional equivalent work experience of three years of work experience may be substituted for degree requirement, in addition to minimum years of experience (6 years total) • Possess and leverage knowledge of cybersecurity practices including functional areas and cybersecurity operations Additional Requirements 3+ years hands-on experience with cybersecurity platforms including Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), antivirus (AV), Identity and Access Management (IDAM), Security Information and Event Monitoring (SIEM), and Security Orchestration and Automation (SOAR) platforms • Related work or educational experience in Information Technology (IT), particularly in cybersecurity/information security Licenses and Certifications Cybersecurity certifications including CompTIA Network+, Security+, Cloud+, Ethical Hacker, EnCE, GCFE, GCFA, GNFA, GDAT, GCIH, GREM, CISA, CISM, CISSP, and/or similar cybersecurity certifications Preferred Qualifications List of nice-to-have skills that are not required, but are desired qualifications that would compliment the job. These include complex skills, unique knowledge, job experience, added education, certifications, or licenses. Note: If a skill is required, please list it under minimum and basic qualifications. Certifications in Information Technology and/or Cybersecurity • Possesses knowledge of security technologies at multiple layers: Identity and Access Management, Intrusion Detection, Endpoint Protection, Data Loss Prevention, Security Information and Event Monitoring, etc. • Three (3) year experience in cyber security vulnerability, threat response, or investigation. • Three (3) year experience working on project or technical teams
