automation engineer

automation engineer Brooklyn, NY

KWS Pvt. Ltd
Full Time Brooklyn, NY 45 - 41 USD HOURLY Today
Job description

Job Title: Computer Consultant 5-SOC Engineer

Location: 9 Metro Tech Center, Brooklyn, 11201 (On-site)

Mode of hire- Contract

Duties:

Lead Incident Management activities to monitor and resolve incidents

  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
  • Conduct threat analysis and assessments on network/systems. Monitor, maintain, update, and secure FDNY infrastructure.
  • Establish, maintain and execute all components of an incident response plan, including run books, from incident intake through root cause analysis, technical remediation analysis, and reporting
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.
  • Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Accurately documenting an incident from beginning to end as well as evidence handling.
  • Write, test, and implement IOC's and IR alerts within the cybersecurity tools
  • Collaborate with IT and Cybersecurity team members to onboard system and applications logs in the central logging system
  • Utilize endpoint security tools like CrowdStrike, McAfee, RSA NetWitness, NetBrain for threat hunting
  • Strong knowledge of Proxy Web Gateway
  • Utilize m onitoring tools like Armis, Extrahop, Splunk, Secureworks and McAfee IDS/IPS, McAfee Proxy Gateway, Secureworks Taegis Platform, Netwrix, Extrahop, Firewalls (Palo Alto, Fortinet) etc.
  • Use vulnerability management tools like Nessus, Rapid 7 and penetration tools like Core Insight, NMAP, Netcat, and Metasploit
  • Be a power user of Splunk SEIM
  • Perform root cause analysis

Minimum requirements:

  • 5+ years of work experience in SOC as a Threat Intelligence or Incident Response Analyst
  • Strong experience performing threat hunting and incident response using Splunk and cybersecurity management tools
  • Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
  • Knowledge of digital forensics methodology as well as security architecture, system administration and networking (including TCP/IP, DNS, HTTP, SMTP)
  • Strong understanding of vulnerability and exploitation concepts
  • Scripting and automation experience in Python, Bash, Powershell, or Javascript
  • Strong knowledge of advisory cyber threat actors including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats
  • Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools
  • Strong knowledge of cloud and application security
  • Working knowledge of the Cyber Threat Kill Chain
  • Map use cases and subsequent rules and policies to the MITRE Telecommunication&CK framework.
  • Strong knowledge of Network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, PKI, and/or counterintelligence operations
  • Knowledge of and experience with cloud, web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired

Preferred requirements:

  • Bachelor's degree in Computer Science or Engineering
  • Knowledge of Malware Analysis, Reverse Engineering, and Memory Forensics tools and techniques
  • Experience building policies and rules on email and network platforms
  • Individuals with CEH, GIAC, Security+ certifications preferred
  • Splunk Power User certification a plus
  • Knowledge of SOAR tools .

Job Type: Contract

Pay: $41.00 - $45.00 per hour

Schedule:

  • 8 hour shift

Experience:

  • SOC: 5 years (Required)
  • Cyber security: 3 years (Required)
  • Threat Intelligence: 5 years (Required)

Work Location: On the road

Speak with the employer
+91 7036526230

automation engineer
KWS Pvt. Ltd

Related Jobs

All Related Listed jobs

Window Cleaner
Broadland Housing Norwich, England 21652 GBP ANNUAL Today

At least 1 years previous experience within a window cleaning post, preferably within a non-office environment. Full time, 37 hours a week (Monday to Friday).

Commis Waiter/Waitress
1 Warwick London, England 12 GBP HOURLY Today

Runs food and beverages from the kitchen and bar areas. 50% off Food and Beverages in both sites for you and up to 3 guests. Delicious meals when on duty.

Process Summer Intern
KBR Leatherhead, England Today

The role will include a number of tasks relating to green and blue hydrogen studies, clean ammonia studies and also the mapping of KBR sustainable technologies

Retail Assistant
RT Coatbridge LTD Coatbridge, Scotland 10 GBP HOURLY Today

Providing general advice and guidance to customers on shop products, services and offers. Serving customers and being responsible for cash handing / card

it administrator
Adamson Systems Engineering Port Perry 60000 - 49850 CAD ANNUAL Today

Manage – IT hardware - Network drives - Software licenses

Plan – Capacity upgrades – Penetration...