This position will support the Enterprise Security and Risk Management Office (ESRMO) Incident Response team and monitor networks & systems using various security boundary tools & capabilities for anomalous activities, triage and remediate as appropriate.
This position reports to the State Chief Risk Officer (SCRO) and supports the SCRO in ensuring compliance with Federal and State policies of the Department of Information Technology (DIT) State agencies. The candidate will support the Enterprise Security and Risk Management Office (ESRMO) Incident Response team and monitor networks and systems using various security boundary tools and capabilities for anomalous activities, triage and remediate as appropriate.
Duties and Responsibilities:
• Support/assist ESRMO with real-time monitoring and triage of incidents received.
• Work collectively with other team members on incident analysis and response, and coordinate with external agencies on resolution of incidents.
• Support efforts on threat hunting, network, host, and malware analysis, sensor tuning and custom signature creation
• Support the application of cyber intelligence to improve security operations
• Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures
• Assist in efforts to detect, confirm, contain, remediate, and recover from attacks
• Assist in the preparation of executive summaries and conduct briefings on significant investigations
• Ensure adequate metrics and documentation of team operations for leadership and other constituents
• Participate in other activities relating to security and privacy incident management
Knowledge, Skills and Abilities / Competencies
• Network investigation experience, to include netflow and packet/protocol capture and analysis
• Endpoint/host forensics experience
• SIEM experience
• Strong critical thinking, problem solving, and organization skills
• Strong teamwork and collaboration skills
• Good written and verbal communication skills
• Ability to pass a security clearance background investigation
• Sound cyber security knowledge foundation, to include understanding of:
    • Adversary TTPs
    • Network technology and common protocols
    • Network security
    • Host security
    • Security tools and sensors
• Ability to work with little to no supervision
• Proven ability to multi-task and work under stress
• Strong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people
• Prefer GCIA, GCIH, CISM, or CEH
About LanceSoft Inc
LanceSoft is one of the fastest-growing and largest clinical staffing firms in the U.S. and an employer of choice for 1000+ consultants - this may be your opportunity to join us!
We recruit top-notch talent for Healthcare, Pharmaceutical, Technology, Telecom, Retail and Distribution, Energy & Utilities, Banking/ Finance, Manufacturing, Automobile, Media, Transportation, and Government clients coast-to-coast across the US, Canada and India. We are one of the fastest-growing companies in the industry and
Want to read more about LanceSoft?
Click here to visit our website - www.lancesoft.com
Minorities/ Females/ Disabled/ Veterans/ Gender Identity/ Sexual Orientation