Contract Duration: 7 Months
NERC access is required for this role. The work start hours are flexible and can start as early as 5:00 a.m. or as late as 9:00 a.m.
· Degree in Cybersecurity, IT, Intelligence, a related discipline, or equivalent experience
· Certifications equivalent to WCNA, CompTIA Security+, Cisco CCNA, SANS GCIH, GMON, or other relevant cybersecurity certifications
· Experience in Information Technology (IT) or Technical Intelligence
Acts as a lead in area of field. Analyzes malware/exploits and/or network traffic through forensics, observation of network traffic, and the use of other tools and resources to determine if client systems are vulnerable. Knowledgeable in area of field and applies knowledge of concepts, principles, and practices. Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events. Assists in performing intelligence research for attack attribution.
· Supports SIOC management in driving the Intelligence Driven Defense model
· Based on IOC-based SIEM alerts, provides rapid assessments of potentially imminent security situations, sensitive developments and complex threat issues
· Utilizing technical security tools, perform hunting for malicious activity across the network and digital assets
· Attribute cyber-related attacks with actors, malware types or campaigns
· Respond to computer security incidents and conduct threat analysis
· Identify and act on malicious or anomalous activity