
SANS ISC: Cyber Hunt - Hawaii SANS ISC InfoSec Forums


Cyber Hunt - Hawaii
Anyone with interest in joining our Cyber Hunt team in OAHU, HI should contact me soonest... these seats won't likely be open long. We're seeking those with the following:

Performs cyber intelligence gathering and threat analysis of threats, including nation-state sponsored threats for a large organization. Actively provides in-depth incident analysis. Evaluates security incidents and performs research. Monitors, analyzes and correlates network traffic utilizing the latest in security tools and technology. Reviews threat data from various sources; coordinates with federal leadership, as well as government agencies to provide reporting and situational awareness.

- Perform daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation and databases produced by the U.S. Government (USG), Department of Defense (DoD) and Intelligence Community (IC).

- Conducts research on emerging security threats; provides correlation and trending of cyber incident activity.

- Maintains knowledge of adversary activities, including intrusion set tactics, techniques and procedures (TTP).

- Maintains Situational Awareness and reports on advanced threats, including Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.

- Communicates events to agencies regarding intrusions and compromises to network infrastructure, applications and operating systems; assists with implementation of counter-measures and mitigating controls.

- Analyzes relevant cyber security event data for attack indicators and breaches that may yield detection/prevention content.

- Prepares cyber threat assessments based on threat analysis, coordinates cyber threat tracking with other organizations and the government; assists in developing reports, briefings and assessments to facilitate the understanding of cyber threats.

- Provides expert quality network traffic (PCAP) and Net Flow analysis.

- Experience with multiple programming languages.

- Experience in software reverse engineering or software development.

- In-depth knowledge of IDA Pro/Debuggers.

- In-depth knowledge of dynamic /static malware analysis and memory analysis.

- In-depth knowledge of Windows Operating System Internals (Kernel, Registry, File System, Windows APIs).

- Supports SOC analysis and incident response as needed.

- Creates and maintains Standard Operating Procedures and other documentation as needed.

A qualified candidate should also have excellent analytical and problem-solving skills as well as interpersonal skills to interact with customers, team members and upper management; skilled in Incident Response and network security monitoring. Strong writing skills highly desired. Technically proficient in network communication using TCP/IP protocols, with system administration knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch). Knowledgeable of Windows, Linux and Cisco operating systems, networking, and information security; experience with EnCase, Splunk, McAfee NSM, Fidelis, and SourceFire is desirable.

***Obtain and maintain compliance with applicable DoD 8570.01-M requirements. Cyber threat analyst support requires at least IAT Level II and CND Analyst certifications.
MGiese

