automation engineer

automation engineer Brooklyn, NY

KWS Pvt. Ltd
Full Time Brooklyn, NY 45 - 41 USD HOURLY Today
Job description

Job Title: Computer Consultant 5-SOC Engineer

Location: 9 Metro Tech Center, Brooklyn, 11201 (On-site)

Mode of hire- Contract

Duties:

Lead Incident Management activities to monitor and resolve incidents

  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
  • Conduct threat analysis and assessments on network/systems. Monitor, maintain, update, and secure FDNY infrastructure.
  • Establish, maintain and execute all components of an incident response plan, including run books, from incident intake through root cause analysis, technical remediation analysis, and reporting
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.
  • Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Accurately documenting an incident from beginning to end as well as evidence handling.
  • Write, test, and implement IOC's and IR alerts within the cybersecurity tools
  • Collaborate with IT and Cybersecurity team members to onboard system and applications logs in the central logging system
  • Utilize endpoint security tools like CrowdStrike, McAfee, RSA NetWitness, NetBrain for threat hunting
  • Strong knowledge of Proxy Web Gateway
  • Utilize m onitoring tools like Armis, Extrahop, Splunk, Secureworks and McAfee IDS/IPS, McAfee Proxy Gateway, Secureworks Taegis Platform, Netwrix, Extrahop, Firewalls (Palo Alto, Fortinet) etc.
  • Use vulnerability management tools like Nessus, Rapid 7 and penetration tools like Core Insight, NMAP, Netcat, and Metasploit
  • Be a power user of Splunk SEIM
  • Perform root cause analysis

Minimum requirements:

  • 5+ years of work experience in SOC as a Threat Intelligence or Incident Response Analyst
  • Strong experience performing threat hunting and incident response using Splunk and cybersecurity management tools
  • Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
  • Knowledge of digital forensics methodology as well as security architecture, system administration and networking (including TCP/IP, DNS, HTTP, SMTP)
  • Strong understanding of vulnerability and exploitation concepts
  • Scripting and automation experience in Python, Bash, Powershell, or Javascript
  • Strong knowledge of advisory cyber threat actors including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats
  • Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools
  • Strong knowledge of cloud and application security
  • Working knowledge of the Cyber Threat Kill Chain
  • Map use cases and subsequent rules and policies to the MITRE Telecommunication&CK framework.
  • Strong knowledge of Network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, PKI, and/or counterintelligence operations
  • Knowledge of and experience with cloud, web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired

Preferred requirements:

  • Bachelor's degree in Computer Science or Engineering
  • Knowledge of Malware Analysis, Reverse Engineering, and Memory Forensics tools and techniques
  • Experience building policies and rules on email and network platforms
  • Individuals with CEH, GIAC, Security+ certifications preferred
  • Splunk Power User certification a plus
  • Knowledge of SOAR tools .

Job Type: Contract

Pay: $41.00 - $45.00 per hour

Schedule:

  • 8 hour shift

Experience:

  • SOC: 5 years (Required)
  • Cyber security: 3 years (Required)
  • Threat Intelligence: 5 years (Required)

Work Location: On the road

Speak with the employer
+91 7036526230

automation engineer
KWS Pvt. Ltd

Related Jobs

All Related Listed jobs

Staff Engineer - Frontend
Pitchup.com Remote 90000 - 105000 GBP ANNUAL Today

Suggest and implement changes to the front-end architecture of our sites, driving decisions and giving strong input into design documents, discussion and plans.

customer relations
Yours Clothing Peterborough, England 21500 - GBP ANNUAL Today

What is the role

Protecting and enhancing revenue through delivering first class, timely customer service from all methods of...

Online Service Colleague - Nights
ASDA Cheltenham, England 13.54 GBP HOURLY Today

On the Our Asda' benefits site, you will have access to a wide range of discounts across various activities and services, anything from airport parking to

General Labourer
FORMULATE DEVELOPMENTS LTD Falmouth, England Today

The job will be varied and will include moving materials, assisting trades on site, unloading deliveries, proactively keeping the site clean and tidy and

Waiter/Waitress
Iberica Victoria London, England 12.5 - 13.5 GBP HOURLY Today

Free CODE subscription; access to great discounts in local Bars & Restaurants across the country. Proper homecooked meals for our team, 2 per day if you are