IT Security Analyst - Tier II Job at Berkley

Berkley Wilmington, DE 19809

Company Details:

BTS focuses on delivering the best service for our companies while also delivering outstanding help desk support and system connectivity. We pride ourselves on providing world-class operational support for our software applications. We continually upgrade our software applications to offer new features to our companies, making them more competitive in today’s insurance world.


The company is an equal opportunity employer.

Responsibilities:
The IT Security Analyst role requires demonstrated leadership in directing and conducting research efforts, including prior experience as lead investigator. We are looking for a strong background in computer/network security concepts and technologies, including extensive knowledge of enterprise security operations and computer network vulnerabilities and exploits.
Other key functions/duties/experience include:

  • Experience writing technical reports and presenting results to leadership.
  • Identify deficiencies in security posture and develop, administer, and participate in action plans to address these gaps.
  • Facilitate effective communication between project/program stakeholders
  • Experience in managing large-sized projects/programs across multiple disciplines and/or teams.
  • Advanced-level understanding of business risk and how to properly advise a customer through critical situations
  • Strong team orientation, collaboration skills, and interpersonal skills
  • Adept at helping team members harness and develop strengths in pursuit of successful program outcomes
  • Proven problem-solving, critical thinking, and decision-making skills
  • Excellent interpersonal and communication skills, and proven ability to work effectively with all organizational levels
  • Conduct analysis of network traffic and host activity across a wide array of technologies and platforms
  • Perform general SIEM monitoring, analysis, content development, and maintenance
  • Conduct and drive incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Compile detailed investigation and analysis reports for internal SOC consumption and delivery to leadership
  • Track threat actors and associated tactics, techniques, and procedures (TTPs) by capturing intelligence on threat actor TTPs and developing countermeasures in response to threat actors
  • Analyse malicious campaigns and evaluate the effectiveness of security technologies
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
  • Conduct and provide computer forensic analysis of system memory and disk images
  • Coordinate threat hunting activities across the network, leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies
  • Hunt for and identify threat actor groups and their techniques, tools, and processes
  • Identify gaps in IT infrastructure by mimicking an attacker's behaviours and responses
  • Provide analytic investigative support of large scale and complex security incidents
  • In-depth understanding of cloud service providers' (CSP) security offerings
  • Understanding of and ability to perform malware reverse engineering
  • Effective at utilizing sandbox technologies to detonate malware samples
Qualifications:

  • Strong understanding of Lockheed Martin’s Kill Chain
  • In-depth knowledge of the MITRE ATT&CK matrix
  • Advanced understanding of networking concepts and ability to analyze network artifacts
  • Effective communication across technical silos
  • 3-5+ years of actual work-related experience in the field of Information Security
  • Experience with SIEM solutions (preferably Splunk or a similar tool), including search language, techniques, alerts, dashboards, report building, and creation of automated log correlations.
  • 8-10+ years of relevant cybersecurity experience in IT Security, Incident Response, or network security with a strong knowledge working in a SOC
  • The ability to write well and convey information to the intended audience in an easily understood manner
  • A bachelor's degree in Information Systems, Network Security, Computer Science or related IT-field is required.
  • Required: Splunk Fundamentals I & II Training or Certification
  • One or more relevant industry cybersecurity certifications preferred (GCIA, GCIH, GREM, CEH, etc.)
  • After-hour work is required during any P1 incidents in addition to mandatory participation in the PIC process.
Additional Company Details: We do not accept unsolicited resumes from third party recruiting agencies or firms. The company offers a competitive compensation plan and robust benefits package for full time regular employees.


