Job Description :
We are looking for SOC Analyst / Cyber Security Analyst immediately
Work Location; Durham, NC
Start Date : ASAP
Duration : 12 months
Experience: Min 8 - 12 years
Required Skills
- Previous operational experience in a CSIRT, CIRT, SOC, or CERT
- Foundational understanding tactics used by APT, Cyber Crime and other
associated threat group
- Expert understanding of network communications (TCP/IP fundamentals, HTTP
basics)
- Expert understanding of multiple operating systems such as Linux, Solaris,
BSD, or Windows
- Expert understanding of intrusion detection systems (e.g. Snort, Suricata)
and tools (e.g. tcpdump, Wireshark)
- Practical experience with security incident response
- Security Incident Management - analysis, detection and handling of
security events
- Comprehension of how attacks exploit operating systems and protocols
- Must understand how to analyze network traffic for suspicious and
malicious activity
- Hands-on experience with other security technologies:
- Next-Gen Intrusion Detection Systems - FireEye, Damballa, or Palo Alto
WildFire
- Security Information & Event Management (SIEM) - ArcSight, Splunk, QRadar,
etc
- Packet capture technologies - NetWitness, Solera, Moloch, or at a minimum,
WireShark or tcpdump
- Scripting experience with one or more of the following: PERL, Bash,
PowerShell, Python
- Ability to write technical documentation and present technical briefings
to varying audiences
- Ability to work with a globally distributed team and rely heavily on
electronic communication
- Ability to travel as needed to support the corporate objectives.
Desired Skills:
Foundational understanding tactics used by APT, Cyber Crime and other
associated threat group
Experience with IT network communications troubleshooting (netflow,
WireShark, traffic analysis)
Experience with IT security technical controls (AV, Snort, firewall, syslog,
SIEM, , ArcSight, Splunk)
Experience with host-centric malware detection, identification and response
Previous operational experience in a CIRT, SOC, or CERT
Experience with the Cyber Kill Chain framework