automation engineer

automation engineer Brooklyn, NY

KWS Pvt. Ltd
Full Time Brooklyn, NY 45 - 41 USD HOURLY Today
Job description

Job Title: Computer Consultant 5-SOC Engineer

Location: 9 Metro Tech Center, Brooklyn, 11201 (On-site)

Mode of hire- Contract

Duties:

Lead Incident Management activities to monitor and resolve incidents

  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
  • Conduct threat analysis and assessments on network/systems. Monitor, maintain, update, and secure FDNY infrastructure.
  • Establish, maintain and execute all components of an incident response plan, including run books, from incident intake through root cause analysis, technical remediation analysis, and reporting
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.
  • Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Accurately documenting an incident from beginning to end as well as evidence handling.
  • Write, test, and implement IOC's and IR alerts within the cybersecurity tools
  • Collaborate with IT and Cybersecurity team members to onboard system and applications logs in the central logging system
  • Utilize endpoint security tools like CrowdStrike, McAfee, RSA NetWitness, NetBrain for threat hunting
  • Strong knowledge of Proxy Web Gateway
  • Utilize m onitoring tools like Armis, Extrahop, Splunk, Secureworks and McAfee IDS/IPS, McAfee Proxy Gateway, Secureworks Taegis Platform, Netwrix, Extrahop, Firewalls (Palo Alto, Fortinet) etc.
  • Use vulnerability management tools like Nessus, Rapid 7 and penetration tools like Core Insight, NMAP, Netcat, and Metasploit
  • Be a power user of Splunk SEIM
  • Perform root cause analysis

Minimum requirements:

  • 5+ years of work experience in SOC as a Threat Intelligence or Incident Response Analyst
  • Strong experience performing threat hunting and incident response using Splunk and cybersecurity management tools
  • Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
  • Knowledge of digital forensics methodology as well as security architecture, system administration and networking (including TCP/IP, DNS, HTTP, SMTP)
  • Strong understanding of vulnerability and exploitation concepts
  • Scripting and automation experience in Python, Bash, Powershell, or Javascript
  • Strong knowledge of advisory cyber threat actors including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats
  • Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools
  • Strong knowledge of cloud and application security
  • Working knowledge of the Cyber Threat Kill Chain
  • Map use cases and subsequent rules and policies to the MITRE Telecommunication&CK framework.
  • Strong knowledge of Network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, PKI, and/or counterintelligence operations
  • Knowledge of and experience with cloud, web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired

Preferred requirements:

  • Bachelor's degree in Computer Science or Engineering
  • Knowledge of Malware Analysis, Reverse Engineering, and Memory Forensics tools and techniques
  • Experience building policies and rules on email and network platforms
  • Individuals with CEH, GIAC, Security+ certifications preferred
  • Splunk Power User certification a plus
  • Knowledge of SOAR tools .

Job Type: Contract

Pay: $41.00 - $45.00 per hour

Schedule:

  • 8 hour shift

Experience:

  • SOC: 5 years (Required)
  • Cyber security: 3 years (Required)
  • Threat Intelligence: 5 years (Required)

Work Location: On the road

Speak with the employer
+91 7036526230

automation engineer
KWS Pvt. Ltd

Related Jobs

All Related Listed jobs

Receptionist Admin Assistant
The Royal Wolverhampton NHS Trust Wolverhampton, England 20270 - 21318 GBP ANNUAL Today

To provide an efficient, courteous and helpful reception service to patients, their families and other professionals when they contact the Rheumatology

Property Photographer / Floor Planner
Pixangle Property Marketing Ltd London, England 22000 - 28000 GBP ANNUAL Today

Our photographers also measure and draw properties to produce floor plans. You will be required to have experience in property photography and photo editing to

Trainee Fibre Engineer - Cheltenham (FT)
Fibre Networking Solutions Ltd Cheltenham, England 26000 - 31200 GBP Today

A driving license will be massively advantageous, but we will still consider applicants that cannot drive. In return, we offer a fully maintained company van

Office Administrator
CCS Environmental Commercial Ltd London 11 - 15 GBP HOURLY Today

The Office Administrator will be responsible for adhering to company policies, coordinating staff schedules and performing administrative work.

Clinic Operations Manager
Osteopathic Centre for Children London, England 40000 - 42000 GBP ANNUAL Today

Professional Membership Fees: after the satisfactory completion of the probationary period, and if you are employed in a role where the membership of a