automation engineer

automation engineer Brooklyn, NY

KWS Pvt. Ltd
Full Time Brooklyn, NY 45 - 41 USD HOURLY Today
Job description

Job Title: Computer Consultant 5-SOC Engineer

Location: 9 Metro Tech Center, Brooklyn, 11201 (On-site)

Mode of hire- Contract

Duties:

Lead Incident Management activities to monitor and resolve incidents

  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
  • Conduct threat analysis and assessments on network/systems. Monitor, maintain, update, and secure FDNY infrastructure.
  • Establish, maintain and execute all components of an incident response plan, including run books, from incident intake through root cause analysis, technical remediation analysis, and reporting
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.
  • Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Accurately documenting an incident from beginning to end as well as evidence handling.
  • Write, test, and implement IOC's and IR alerts within the cybersecurity tools
  • Collaborate with IT and Cybersecurity team members to onboard system and applications logs in the central logging system
  • Utilize endpoint security tools like CrowdStrike, McAfee, RSA NetWitness, NetBrain for threat hunting
  • Strong knowledge of Proxy Web Gateway
  • Utilize m onitoring tools like Armis, Extrahop, Splunk, Secureworks and McAfee IDS/IPS, McAfee Proxy Gateway, Secureworks Taegis Platform, Netwrix, Extrahop, Firewalls (Palo Alto, Fortinet) etc.
  • Use vulnerability management tools like Nessus, Rapid 7 and penetration tools like Core Insight, NMAP, Netcat, and Metasploit
  • Be a power user of Splunk SEIM
  • Perform root cause analysis

Minimum requirements:

  • 5+ years of work experience in SOC as a Threat Intelligence or Incident Response Analyst
  • Strong experience performing threat hunting and incident response using Splunk and cybersecurity management tools
  • Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
  • Knowledge of digital forensics methodology as well as security architecture, system administration and networking (including TCP/IP, DNS, HTTP, SMTP)
  • Strong understanding of vulnerability and exploitation concepts
  • Scripting and automation experience in Python, Bash, Powershell, or Javascript
  • Strong knowledge of advisory cyber threat actors including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats
  • Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools
  • Strong knowledge of cloud and application security
  • Working knowledge of the Cyber Threat Kill Chain
  • Map use cases and subsequent rules and policies to the MITRE Telecommunication&CK framework.
  • Strong knowledge of Network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, PKI, and/or counterintelligence operations
  • Knowledge of and experience with cloud, web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired

Preferred requirements:

  • Bachelor's degree in Computer Science or Engineering
  • Knowledge of Malware Analysis, Reverse Engineering, and Memory Forensics tools and techniques
  • Experience building policies and rules on email and network platforms
  • Individuals with CEH, GIAC, Security+ certifications preferred
  • Splunk Power User certification a plus
  • Knowledge of SOAR tools .

Job Type: Contract

Pay: $41.00 - $45.00 per hour

Schedule:

  • 8 hour shift

Experience:

  • SOC: 5 years (Required)
  • Cyber security: 3 years (Required)
  • Threat Intelligence: 5 years (Required)

Work Location: On the road

Speak with the employer
+91 7036526230

automation engineer
KWS Pvt. Ltd

Related Jobs

All Related Listed jobs

Resource Planning Officer - Glasgow
British Transport Police Glasgow, Scotland 27174 GBP ANNUAL Today

Working from home allowance available to purchase suitable equipment for blended & home working. Produce rosters in a timely manner to minimise costs whilst

systems administrator
Connexus Group of Companies Warrington, North West England, England 48208 - 38094 GBP ANNUAL Today

IT Systems Administrator (full-time)

About the Company
The Connexus Group comprises of seven businesses providing a...

Administrative Assistant - Work From Home
Psychiatry UK Remote 22800 GBP ANNUAL Today

If you have contact with computerised data systems you are required to obtain, process, and/or use information held on a computer in a fair and lawful way, to

Flexible Warehouse Operative
Wincanton 10.8 - 15 GBP HOURLY Today

To undertake the day to day warehouse tasks ensuring all targets are met and the highest standards of quality, accuracy and hygiene are maintained to ensure our

social worker
Voyage Care Manchester, England 23130 - GBP HOURLY Today

Key information

Job...