| SOC Consultant. at Atlanta, Georgia, USA |
| Email: [email protected] |
|
SOC Consultant. Location: Downtown Atlanta, GA / Zebulon, NC. Contract C2C/w2/1099 Only USC GC Project Overview: The SOC Consultant is responsible for maturing the organization's monitoring and response capabilities around new use cases, alerts, and automated playbook feedback. The objective is to bring advanced external expertise to the organization to accelerate the SOC's coverage of multiple alert use cases. Alert Review and Prioritization Alert Runbook Development Alert Automation Analysis Onboarding of Defender Alerts (e.g. Defender for Cloud) Cloud Containment & Eradication Alert Tuning Must-Have: The selected candidate must demonstrate an understanding of the SOC best practices. The candidate must demonstrate an understanding of key cloud resources and logs used to facilitate mature security operations center workflows. The ability to quickly identify nefarious artifacts versus benign activity will be a key skill for this position. This role must have problem solving skills for structured, unstructured, and complex situations. Extensive hands-on experience conducting cyber alert analysis in various SIEM, Cloud, and other platforms. Strong ability to express their skills and knowledge in both verbal and written forms. Experience developing high-quality deliverables about deep technical concepts. Conduct cyber investigations for escalated and challenging computer security incidents. Participate in the creation and maintenance of use cases for recurring investigation/incident triggers in support of the 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program. Participate in the creation and maintenance of playbooks used in response for investigation/incident triggers in support of 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program. Interface with other teams in Information Security (e.g. network operations, Cyber Fusion Center (CFC) ), vulnerability management) along with information and liability risk officers and technology management to help guide cyber security investigations and incidents. Identify new threat tactics, techniques and procedures used by cyber threat actors. Proactively engage in threat-hunting activities to proactively search for threats in the enterprise environment. Nice to have: Experience working in cloud environments, namely Microsoft Azure Industry certifications in general technology and security (e.g. Network+, Security+, CySA+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, Microsoft Security Operations Analyst Associate etc.) Industry certifications in cyber forensics and incident response, such as GIAC Cloud Security Essentials Certification (GCLD), GIAC Cloud Threat Detection (GCTD), GIAC Cloud Security Automation (GCSA), GIAC Cloud Forensics Responder (GCFR), Certified Forensic Computer Examiner (CFCE), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), and other related credentials Demonstrated technical leadership experience Kind Regards, Syeda Hajra | Absolute IT | Senior Technical Recruiter 116 Village Blvd Suite 200 Princeton New Jersey 08540 Absolute IT [email protected] https://www.linkedin.com/in/syeda-hajra-a96813245/ www.absoluting.com -- Keywords: information technology green card wtwo Georgia North Carolina SOC Consultant. [email protected] |
| [email protected] View All |
| 08:06 PM 20-Aug-24 |