Top Secret Incident Response Analyst with Security Clearance

• 4-6 years of experience in a SOC or cybersecurity operations role, with proven experience investigating and responding to security incidents. • Proficiency with SIEM platforms (e.g., Splunk) and endpoint detection tools (e.g., CrowdStrike, Sentinel One, Microsoft Defender). • Strong understanding of network protocols, packet analysis, and tools like Wireshark or Zeek. • Experience with IDS/IPS/NDR/EDR tools (e.g., Snort, Suricata, Bricata). • Ability to analyze logs, correlate data, and detect adversary tactics, techniques, and procedures (TTPs). • Familiarity with threat intelligence frameworks such as MITRE ATT&CK, Cyber Kill Chain, and IOC analysis.

Basic scripting or automation skills (e.g., Python, PowerShell, Bash) to enhance workflows.

Permanent