Network & CyberSecurity Analyst (12+ years exp. required)
Terms: 12+ Mo CT
Location: 5500 E. Oltorf St, Austin, TX 78741 – Hybrid Schedule | Must be local
Interview Process: 2 rounds of interview
Essential Job Functions
- Proactively conduct threat hunting activities to identify malicious activity, advanced persistent threats, and indicators of compromise not detected by automated tools
- Develop and execute hypothesis-driven hunts based on threat intelligence, adversary tactics, techniques, and procedures (TTPs), and organizational risk profiles
- Analyze endpoint, network, identity, and cloud telemetry to detect anomalous or suspicious behavior
- Investigate and validate potential security incidents, determine root cause, and assess scope and impact
- Collaborate with incident response, SOC, and detection engineering teams to support containment, eradication, and recovery activities
- Translate threat hunting findings into actionable detection logic, alerts, and analytics to improve security monitoring
- Document hunting methodologies, findings, and recommendations in formal reports and knowledge repositories
- Contribute to the development and tuning of security use cases, queries, and detection rules across SIEM, EDR, NDR, and cloud security platforms
- Leverage threat intelligence sources to track emerging threats, attacker tools, and campaigns relevant to the organization
- Support purple team activities, tabletop exercises, and continuous adversary simulation efforts
- Maintain awareness of evolving attacker techniques and emerging cybersecurity threats
Top Skills:
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
8+ Years Strong understanding of attacker tactics, techniques, and procedures.
8+ Years' Experience analyzing logs and telemetry from SIEM, EDR/XDR, network security, identity platforms, and cloud environments.
8+ Years Proficiency in query languages and scripting used for threat hunting.
8+ Years Solid knowledge of Windows, Linux, and cloud operating systems, including common attack vectors and persistence mechanisms.
8+ Years Proven expertise in security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
8+ Years Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats and designing solutions to mitigate those threats.
8+ Years Knowledge and experience working with relevant National Institute of Standards and Technology (NIST) standards.
8+ Years Familiarity with threat intelligence sources, malware analysis concepts, and digital forensics fundamentals.
8+ Years' Experience documenting investigations, creating hunt reports, and communicating technical findings to diverse audiences.
8+ Years Strong analytical, problem-solving, and critical-thinking skills.
8+ Years Ability to work independently while collaborating effectively within cross-functional cybersecurity teams.
8+ Years Ability to resolve complex security issues in diverse and decentralized environments; to learn, communicate, and teach new information and security technologies; and to communicate effectively.
8+ Years Conduct forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
8+ Years' Experience creating/reviewing/updating security policies and standards for the public/private/hybrid cloud contexts.
3 Preferred GSEC, CEH, CISA, CCSP
3 Preferred Certification as an AWS Solutions Architect, Cloud Security Certification, and/or OpenStack Administrator Certification a plus. (Other cloud-related certification also a plus.)
3 Preferred Experience with Endpoint Detection and Response (i.e. EndGame, Crowdstrike, CyberReason). Detect and respond to alerts from end point detection response tools.
3 Preferred Experience with Email Threat Management (i.e. Proofpoint, MimeCast, Microsoft).
3 Preferred Experience with SIEM engineering design/management/analysts (i.e. Splunk, Rapid7, SumoLogic).
3 Preferred Experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec, Microsoft, Bitglass, Netskope).
3 Preferred Experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella, Palo Alto, ZScaler).
--You received this message because you are subscribed to the Google Groups "Daily C2C distribution list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to daily-c2c-distribution-list+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/daily-c2c-distribution-list/29b4ea6e-fad4-4d2e-a1d0-ad1806e90026n%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
