Job Description
Primary Responsibilities
Shift schedule: 7am-7pm, Sun-Tues, every other Wednesday.
·Utilize state of the art technologies such as host forensics tools(FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data.
·Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response.
·Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
·Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
·LeadIncident Response activities and mentor junior SOC staff.
·Work with key stakeholders to implement remediation plans in response to incidents.