This listing has expired and therefore is not publicly viewable.
| Company | Precision Castparts Corp. |
| Preferred GIAC Certifications | GCIH, GCFE, GCFA |
The Forensic and Incident Response Analyst will investigate tier 2 and tier 3 cybersecurity and/or computer network related incidents. The position will perform daily incident response triage, communicating as needed.
Primary Duties and Responsibilities:
• Enhance security operations, analytics, threat hunting and security orchestration and automation capabilities.
• Perform daily incident response triage, which may also include working during 2nd or 3rd shift and weekends when necessary. This will include using complex analytics to correlate information from multiple sources to detect advanced threat actions.
• Keep up to date on the latest security whitepapers, incidents, tools, and tactics for defending against advanced threats, and attend security conferences.
• Forensic Analyst team members shall fulfill additional duties as directed by the Lead Forensic Analyst and the Director of Cyber Security.
Experience and Education:
• 4+ years of related work experience (IT/Cyber Security)
• Bachelor’s degree required
• Degree must be in a relevant field (e.g., IT, Computer Forensics, Computer Science, Computer Engineering, Information Security, Information Assurance, or related degree)
• 3+ years of experience working in an operational environment (SOC, NOC, Operations Center)
• One or more of the following certificates are required: GCIH, AWS Security Specialist, Azure Security Engineer Associate, GSFE, GCFA, GCED, CHFI, ECIH, ECSS, CISSP, CCFP
• Skills in collecting and analyzing cloud forensic artifacts.
• Ability to program in Python is preferred.
• Must demonstrate strong ability to detect threat activity
• Knowledge of latest cyber threats and tactics, techniques, and procedures used to infiltrate computer networks
• Demonstrated ability to document incident reports.
• Strong analytical skills and attention to detail
• Knowledge of cloud security tools and cloud-native forensic artifacts for Azure and AWS.
• Knowledge of the Windows file system, registry functions, and memory artifacts
• Knowledge of TCP/IP communications, and common protocols and applications, including DNS, HTTP, and SMB
• Demonstrated Linux administration experience
• Strong background with SIEM and analytics
• Experience with a variety of logs and telemetry including AV, web server, SIEM, etc.
• Hands-on experience with information security tools, such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices