G-TECH Services, Inc. CSIRT Analyst in Auburn Hills, Michigan
The CSIRT Analyst will support the Cyber Security Incident Response Team for North America and will be responsible for monitoring the environment, evaluating potential threats and performing forensic analysis in support of protecting digital assets.
Responsibilities include, but are not limited to:
Review security related events as reported from the SIEM.
Investigate intrusion attempts and perform in-depth analysis of system generated offenses.
Analyze network traffic and respond accordingly, working with other support organizations as necessary.
Ability to learn and use malware analysis tools in order to evaluate threats.
Conduct Open Source and subscription based threat intelligence research in order to protect the environment.
Document open issues in case management tools.
Update and provide Playbook documentation for Operation Processes.
Provide forensic investigative support to other teams related to security.
Hunt for and identify threat actor groups based on their known techniques and tactics.
Proactively identify and track new tactics and techniques in order to enhance the cyber defense environment.
Communicate findings and work to resolve issues with other regions throughout the world.
Bachelor’s degree in Computer Science or related IT field.
3+ years of experience as a Cyber Security Analyst.
Basic understanding of computer operating systems and networking.
Working knowledge of any SIEM product.
Demonstrated passion and discipline for uncovering system vulnerabilities and discovering threat actors.
Ability to communicate complex technical issues related to cyber threats to all areas of the company.
Experience with Windows/Linux/UNIX based servers.
Experience with IDS/IPS Systems.
Ability to work independently and within a team.
May be required to drive a company car.
A valid driver’s license is required as well as a clean driving record.
May be required to travel domestically up to 0%.
Preferred Requirements:
- Familiarity with MITRE ATT&CK.
Function Information Technology
Req ID JN -022021-115352