Lead Support Analyst - Cyber Security

Location
Contract Type
Permanent
Salary
₹ 1,500,000 - 2,000,000
Published
Contact
Heena K
Reference
29-16-7477
Academic title
B.Tech/B.E.
Job description

Role:

  • 5+ years of demonstrated experience in performing technical analysis and enrichment of pertinent attacks, threats and their indicators
  • Sound knowledge of developing use cases in Splunk and EDR based on the MITRE ATT&CK framework
  • Working knowledge of machine learning and User Behaviour Analytics as they pertain to baselining normal behaviour to determine outliers and anomalous behaviours
  • Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
  • Maintain supervision over operational tasks and provide day-to-day oversight for Incident Response Analysts and Incident Leads
  • Oversee analysts in their investigation and response activities when security incidents arise to determine possible cause and resolution
  • Effectively communicate information to stakeholders of all levels
  • Demonstrate experience in network and host-based intrusion analysis, incident response processes and procedures, digital forensics and/or handling malware
  • Acting as a lead throughout incident scenarios and providing subject matter expertise in cybersecurity incident response
  • Successfully executing incident handling procedures as well as direct response to cyber security incidents
  • Maintaining current knowledge and recognition of attacker tools, tactics, and procedures to produce indicators of compromise (IOCs) that can be utilized during active and future investigations
  • Assessing cyber threat intelligence/open source intelligence and operationalizing that information
  • Demonstrating real-world, hands-on experience dealing with sophisticated malware and dynamic cyber threat actors
  • Identifying current and emerging threats and application of such research
Requirements

KRAs:

  • Mandatory hands-on experience with the domains / tools listed below (must have at least one): Elasticsearch (ELK) / Sqrrl / CrowdStrike / FireEye Mandiant HX / SOAR / Cloud Incident Response
  • Hands-on experience with Sysinternals / Sysmon
  • Hands-on experience with any malware analysis tool such as Cuckoo, Cisco Threat Grid or ThreatConnect
  • Strong knowledge of cyber detection technologies (advanced threat detection tools, UEBA tools, network packet analysis, endpoint protection)
  • Should be able to investigate spam and malware samples
  • Certifications Preferred: CISSP, CCSP, GCIH, GCFA
Benefits

CTC - Up to 20 LPA

Location - Mumbai

Other notes
For more related job opportunities visit https://www.elixir-consulting.com/en/job-search