Dieses Stellenangebot ist nicht mehr verfügbar
Über
Required:
Experience with combined IT and security work within a cybersecurity discipline (4+ years);
Experience with KQL, Python, PowerShell, or batch scripting (3+ years);
Experience with cloud computing and cloud computing security (2+ years);
Experience with security issues, techniques, and implications across computer platforms;
Experience with regulatory frameworks including NIST 800-53r5, CJIS Security Policy, and 60GG-2;
Experience with MITRE framework including TTPs;
CJIS certification (or ability to obtain).
Preferred:
Cybersecurity certifications such as Security+, CySA+, Network+, SSCP, CISSP, CCSP, SecurityX/CASP+, or PenTest+;
Bachelor's degree or higher in Computer Science, Information Security, or a related field.
Responsibilities include but are not limited to the following:
Monitor security platforms including SIEM, EDR, and cloud‑native security tools for indicators of compromise, indicators of attack, and incident response requirements;
Utilize Microsoft Defender XDR components (Endpoint, Cloud Apps, Identity, Office 365) for monitoring, analysis, and response;
Identify, triage, and investigate phishing incidents, including those submitted manually by end‑users;
Perform Identity and Access Management activities with a focus on identifying and managing risky users, risky sign‑ins, and sign‑in event correlation;
Conduct in‑depth investigations of security alerts, perform triage, and escalate or resolve incidents according to established procedures;
Maintain, tune, and optimize security detection rules, alerts, and automations to reduce false positives and improve detection accuracy;
Produce thorough documentation including after‑action reports, lessons learned, and security reporting aligned with incident severity and organizational standards.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot wurde von einem unserer Partner veröffentlicht. Sie können das Originalangebot einsehen hier.