Job Description 

The primary duty is to ensure the organization’s digital assets are secure and protected from unauthorized access and being responsible for hunting, detecting, and responding to digital security threats, specifically for IoT devices and applications. 

Roles and Responsibilities

• Specialize in the analysis of IoT device and agentless host security monitoring, troubleshooting and mitigation.
• Perform network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and log-centric analysis (SIEM).
• Perform daily response operations on a schedule that may involve nontraditional working hours.
• Curate signatures, tune systems/tools, and develop scripts and correlation rules.
• Analyze host and network forensic artifacts and identify patterns and behaviors related to threat actors.
• Lead technical aspects of incident detection, prioritization, and response.
• Mentor and train incident responder and incident responder specialists.
• Collaborate and generate documentation for knowledge sharing & transfer with other analysts, populated in our internal knowledgebase(s).
• Contribute to incident response automation within SOC tools (SOAR, SIEM, etc.).
• Interface with user community to understand their security needs and recommend actions to accommodate client requirements.

Requirements:

• Bachelors degree in Computer Sciences, Cyber Security or STEM majors.
• Experience – 1 year or fresh graduates with strong cyber security academic knowledge are encouraged to apply.
• Candidates must be proficient in written and verbal English communication.
• Should have technical experience with Windows, UNIX, and Linux operating systems; network protocols and packet analysis tools; anti-virus and anti-malware, IDS/IPS, penetration, and vulnerability testing.
• Should have practical experience with vulnerability management of IoT devices, host forensics and network analysis techniques and tools, malware and reverse engineering, responding to threats in cloud platforms (AWS, Azure, Google, etc.), C, C++, C#, Java or PHP programming languages.
• Should have a detailed understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.), APT, Cyber Crime and other associated tactics CISSP, CISM or related SANs or Industry certifications; Security Information and Event Management (SIEM/SOAR); TCP/IP, computer networking, routing and switching; and Firewall and intrusion detection/prevention protocols.

Apply Now

Please mention the job opportunity you are applying for in “Subject”.