Georgia Employer CYBER THREAT SPECIALIST in Savannah, Georgia
Cyber Threat Specialistin GAC SavannahUnique Skills:The following attributes are all important and experience and/or working knowledge will be a plus.Experience in other fields will be considered if skills are transferable.Looking for a seasoned cyber security professional who remains current on the evolving cyber security environment and technologies.Experience with UEBA, EDR, XDR, DLP, SIEM and SOAR concepts/technologiesDeep understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)Experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework. Threat HuntingStrong analytical and troubleshooting skillsExperience with vulnerability management tools and /or programsExperience with reverse engineering malwareExperience in the area of Cloud Security - CCSP or CCSK a plusExperience securing MS AD/Azure environmentsExperience in the digital forensics fieldExperience in Networking and/or Firewalls a plusWilling and capable of training team membersPython programming(These positions include shift work required to cover 24x7 Security Operations, Position is on site with possibility of some hybrid remote work, but primary location is on site)Education and Experience RequirementsBachelor\'s Degree or equivalent combination of education and experience to successfully perform the essential functions of the job. Degree in information security, Computer Sciences or Technology related field preferred. 7 years of related experience.Position Purpose:The Cyber Threat Specialist provides management with a clear picture of threats associated with Business Technology assets in a way that enables them to make well-informed decisions regarding threat management. This is achieved through the effective communication of information collected through various tools, analysis of event and incident reports utilizing both automated and manual methods. The Cyber Threat Spec must also be capable of supervising and guiding the forensics team to include conducting computer forensic investigations, data recovery, electronic discovery and leading an incident response team.Job DescriptionPrinciple Duties and Responsibilities:Essential Functions:Conducting forensic collections of electronic evidence including information system and network devices for legal, human resources, ethics, and information security.Applying forensic software/hardware applications to analyze digital media, images; determining solutions for recovery of potentially relevant information.Examining and analyzing network traffic, related applications and operating systems to identify potential threats, anomalous or malicious activities to network resources; validating Intrusion Detection System (IDS) alerts.Analyze security data to effectively detect intrusions & attempted intrusions and to initiate and engage the proper resources to mitigate the risk.Providing reports and documents regarding network security incidents details and outcome; leads efforts in troubleshooting problems and recommending vulnerability corrections.Monitoring and improving documentation and reporting processes for cyber incident status and results.Driving the design and implementation of the organizational information security solutions, and continuously enhancing information security approaches and methodologies.Lead incident response team in addressing and managing the aftermath of a security breach or attack. Must be trained and have experience in incident response procedures and practices .Defining process issues and resolutions; facilitating and overseeing computer forensics processes.Conducting security assessments,... For full info follow application link.Gulfstream, an equal opportunity employer, is committed to diversity and inclusion in its workplace.