Manila, California, United States

Threat Management Senior Associate

Job Description:

Skills: SOC Analyst, Incident Response Process, Log Analysis, Packet Analysis, Forensics, Threat Management, Detecting, Investigating, Responding to Cyber Security Events, Malware Analysis, Monitor, Detect, Analyze, Research, Incident Commander, Minor (P3-P4) Incidents, Sandbox, OS log files, Network Logs, Flow Data, DFIR, Modern Security Tools

JOB DESCRIPTION:

  • Being a member of the Cyber Blue Team, you will be working with technical leads and other associates and analysts.
  • You are responsible for detecting, investigating, and responding to cyber security events within the organization as well as handling technical projects.
  • You are a member of the Cyber Security Incident Response Team (CSIRT) and as a result may be tasked with responding to cyber incidents outside of normal work hours.

RESPONSIBILITIES:

  • Monitor, detect, analyze, research, and respond to cyber security events, including network events, OS log events, and forensic information.
  • Demonstrate solid grasp of forensic interpretation of data.
  • Perform eDiscovery and other technical tasks.
  • Independently lead investigations and small projects.
  • Act as Incident Commander on minor (P3-P4) incidents.
  • Train and mentor junior staff members.
  • Collaborate with stakeholders from other business units to conduct investigations, review plans and procedures, and respond to cyber incidents.
  • Participate in training, exercises, and the process improvement program.
  • Occasionally travel to conferences, training, and other DTCC offices (up to 10%).
  • Participate in on-call rotation and occasional after-hours work.

QUALIFICATIONS:

  • Have at least four (4) years of previous experience as a SOC analyst or in a similar role.
  • Solid understanding of various security methodologies and processes, and technical security solutions.
  • Knowledge of the incident response process, log analysis, packet analysis, and forensics.
  • Intermediate to advanced malware analysis skills using both sandbox and manual methods.
  • Demonstrate the ability to research and mentor team members on interpreting OS log files, network logs, flow data, and other security data.
  • Demonstrate the ability to produce written reports including detailed analysis and recommendations.
  • Demonstrate the ability to convey complex technical concepts to both technical and non-technical audiences.
  • Be a subject matter expert in a particular technology or security domain as well as have hands-on experience and knowledge of modern security tools and DFIR best practices.
  • Demonstrate the ability to take minimal high-level requirements and independently produce and execute an action plan to accomplish tasks.
  • Demonstrate the ability to independently prioritize and manage multiple tasks.
  • Demonstrate a strong desire to achieve and contribute to an impactful team.

Required Skills:

Management