Contribute to continuous monitoring efforts in our Security Operations Center (SOC)
Generate detailed incident reports describing evidence of a threat actor, and justification for escalating the incident
Invent and utilize new workflows to detect advanced and emerging threat actors
Assist with reconnaissance activities on red team engagements
Prepare detailed plan of attack with contingencies
Write reports detailing findings and recommendations
Review customer systems to locate vulnerabilities, and describe the level of risk present
Evaluate customer networks for any risks, and clarify strategy for resolving or mitigating risk
Take meticulous notes and demonstrate strong reporting abilities with attention to detail
Perform work successfully with minimal supervisory oversight
Perform other duties as assigned.
Basic Qualifications -
In-depth understanding of and proficiency in Linux and Windows operating systems
Experience with vulnerability scanning and penetration testing.
Knowledge and practice in network management and NGFW security platforms.
Genuine interest / passion in information security
Demonstrable understanding of security standards such as NIST and ISO 27000
Knowledge and comfort with at least one programming language, such as C, C++, Ruby, or Python.
Ability to work independently or as part of a team.
Preferred Qualifications -
Security certification desired, such as CISSP, HCISPP, CISM, CISA, GIAC certs, or other.
Networking and Systems Certifications are a plus (CCNA, CCNP, N+, A+, MCP, etc.)
Proficiency with commercial and open source security products, such as Metasploit, PowerShell Empire, Wireshark, Kali Linux, and Nexpose
One (1) or more years in a Security Analyst, Security Engineer, or operations role with significant security focus