The Opportunity
My client’s leading cyber security practice offers a comprehensive suite of services, ranging from cyber governance, strategy, defense, and response to complete end-to-end cyber security transformation. We are looking for an experienced Cyber Security Professional to join our growing Cyber Security Services team as a Level 2 Investigation Analyst (Senior Consultant) within our Managed Security Services practice.
This is an exciting opportunity for talented, energetic individuals to join a practice that is experiencing significant growth. We are seeking candidates who have demonstrated academic, business, and technical excellence, with strong all-around capabilities that align with our culture. Individuals who thrive in a dynamic, fluid, and entrepreneurial environment will excel here and find a wide range of opportunities within our expanding practice. This is an excellent opportunity for those looking to work in a firm and department with great career progression prospects and wanting to be part of building a premier cyber consulting team.
What You Will Do
- Receive escalated tickets from Level 1 analysts and contribute to real-time, continuous security event response and reporting.
- Analyze, contextualize, and monitor security alerts from various advanced security platforms.
- Utilize internal and external data sources to research and enrich event information, determining if an event warrants classification as an "incident."
- Validate IOCs, investigate intrusion attempts, and conduct in-depth analysis and correlation of host-based logs, network traffic, and other data sources.
- Perform malware analysis, host and network forensics, and log analysis to support incident response efforts.
- Identify and prioritize incidents based on organizational impact or threat severity.
- Troubleshoot and investigate security events effectively, communicate findings, and escalate concerns to senior staff as needed.
- Collaborate directly with clients on containment and eradication activities.
- Monitor Level 1 Analyst performance, utilizing SOC-available tools to investigate incoming events and manage high and critical severity incidents per the operations playbook.
Skills
- 5+ years of experience in a SOC environment in the areas of incident detection and response, remediation, malware analysis, or incident response/forensics.
- Hands-on experience with Microsoft Sentinel or other SIEM and EDR/XDR technologies, including creating and running queries, performing analytics, and examining logs and console events.
- Good understanding of SANS and MITRE ATT&CK Frameworks.
- Industry-relevant certifications such as CISSP, CISM, SANS, CISA, CompTIA Security+, CompTIA CySA+, GIAC are an asset.
- Experience in a leadership role, providing engaged mentorship and knowledge sharing to the team and junior analysts.
- Strong understanding of business processes and ability to manage change/adhere to change management processes.
- Excellent communication skills.
- Optional/value-added: Experience evaluating the design and operating effectiveness of various control frameworks and standards, including understanding process-level risks, technology risks, assessing the adequacy of mitigating controls, and providing opportunities for future enhancement.