Looking for a 1 year contract for someone with skills in security operations, this role needs expertise in the following areas:
- Extensive experience supporting and administering security event management solutions, e.g. Splunk SIEMs, Darktrace, threat hunting, log correlation
- Experience writing and troubleshooting rules or code in programming or scripting languages (e.g. SPL, KSQL, PowerShell, Python)
- Have proven experience interacting with customers and partners
- Proven ability to mentor others
- Inherently transparent and has a desire to share/teach others
- Experience supporting and administering next-gen AV solutions, e.g. Cylance, CrowdStrike, Microsoft Defender for Endpoint (a.k.a. Defender ATP)
- Experience supporting and administering next-gen email gateways, e.g. Proofpoint, Mimecast, or the O365 secure email gateway
- Experience supporting and administering next-gen firewalls and web application firewalls, e.g. Palo Alto, F5 WAF
- Excellent understanding of foundational Networking concepts
- Deep experience troubleshooting issues with Windows or Linux operating systems
- Excellent analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy
- Above average resourcefulness
- Enough experience with hybrid cloud infrastructure, specifically Azure or AWS, to understand the threats and mitigations in that environment
- A keen interest in implementing measures to reduce workload through articles, knowledge sharing, and automation
- Is open to after-hours support
- Exposure to the development cycle, Git, or even deployment pipelines is a nice-to-have
We are looking for someone who wants to be heavily involved in the day-to-day support and trenches of the above technologies. We would also like someone who has experience investigating security events, is great at analyzing logs, understands threat vectors and how to respond to security alerts within the network, and can read and understand forensics coming from our various technologies. Preferably a level 2-3 SOC analyst.