Job Description
Primary Responsibilities
List daily duties and/or specific job responsibilities.
· Experience with creating and implementing custom IOCs and IOAs in CrowdStrike
· Experience with triaging and investigating hosts using CrowdStrike
· Experience with updating McAfee AV signatures
· Experience with creating and maintaining custom Tanium packages for collecting artifacts for continuous monitoring
· Provide recommendations for tuning and/or triaging notable events
· Apply critical thinking and analysis to investigate cyber security alerts
· Analyze network traffic using enterprise tools (e.g. full PCAP, firewall, proxy logs, IDS logs, etc.)
· Collaborate with team members to analyze an alert or a threat
· Stay up to date with the latest threats and be familiar with APT groups and common TTPs
· Utilize OSINT to extrapolate data, pivot, and identify malicious activity
· Have experience with...