Duties: Responsible for detection, investigation, remediation, and reporting of security incidents. Analyze all relevant event data for attack indicators and potential security breaches. Coordinate investigation and remediation efforts with internal and external stakeholders. Manage security monitoring and prevention systems, ensuring they are up to date and functioning. Triage security incidents and deploy security controls to prevent them from recurring. Document and maintain existing security operations playbooks and procedures. Write and refine our troubleshooting guides and documentation.
The position is based at a fixed location, the Boston, MA office; however, telecommuting from a home office may also be allowed.
Two (2) years of experience in incident response, security analysis, or security engineering. Must have two (2) years of experience in each of the following (experience may be gained concurrently):
- Network, endpoint, server and cloud security tools and platforms;
- Developing logging and SIEM platforms, including Splunk and ELK;
- Ingesting and visualizing logs, building reports and alerts, and use cases for all relevant security;
- Using industry frameworks, including the MITRE ATT&CK framework;
- Using open source and commercial EDR tools for intrusion detection and response;
- Digital forensics on Windows, macOS and Linux operating systems; and
- Coding, scripting and automation using Python and PowerShell.
Must possess a professional information security certification: CISSP, GCIH, or GSEC.
Master's degree (or foreign equivalent) in Information Assurance, Information Systems and Management, or a related field.
Experience may be gained before, during, or after advanced degree issuance.
Please copy and paste your resume into the email body (do not send attachments; we cannot open them) and email it to candidates at placementservicesusa.com with reference #2701817 in the subject line.