Provide 12x5 operational coverage and after-hours on-call support to detect, analyze, and mitigate advanced cyber threats
Conduct advanced packet-level traffic analysis and reconstruct network activity to identify anomalies, trends, and threat patterns
Perform in-depth web and application log analysis to identify suspicious or malicious behavior
Search for indicators consistent with advanced persistent threats (APTs)
Perform pattern, trend, and behavior analysis using multiple data sources
Design, deploy, and manage deception technologies (e.g., honeypots, lures, traps)
Conduct forensic analysis and documentation of malware incidents from initial compromise through remediation
Collaborate with SOC teams to assess and monitor key risk areas, including public-facing systems and sensitive databases
Develop and maintain SOPs, provide training, and support implementation of security solutions
Produce clear, comprehensive reports and actionable recommendations based on findings
Identify opportunities to enhance cyber detection capabilities and close security gaps
Support cyber requirements analysis and tracking activities

Requirements

Demonstrated experience with APT detection and prevention tools such as: FireEye HX, Cisco Advanced Malware Detection, ThreatGrid, Exabeam
Strong experience with: Windows servers, domain controllers, databases, Group Policy, and firewall/network filtering
Linux/Unix operating systems and file systems
Experience performing: NETFLOW and PCAP analysis using tools such as Wireshark, Cisco Stealthwatch, or AWS VPC Flow Logs
Real-time security event monitoring and anomaly detection using Splunk
Proven experience conducting: Malware forensic analysis (live system, sandbox, static, and memory/RAM analysis)
Full lifecycle malware investigation and documentation
BA/BS or minimum of three (3) years of experience in forensics and incident response
Minimum two (2) years of hands-on experience with Splunk and Wireshark
At least two (2) active cybersecurity certifications, such as: Security+, CISSP, GCIH, GCIA, GREM, GSEC, GCED, GCFA, GSLC, GSNA, GAWN, GPPA, GSE
Strong analytical, problem-solving, and investigative skills
Ability to clearly document and communicate technical findings to diverse audiences
Experience working in high-visibility, mission-focused environments
Strong collaboration skills with SOC and engineering teams

Benefits

Multiple medical plan options
Dental and vision coverage
Health savings and flexible spending accounts
Employer-sponsored life and disability insurance
Access to wellness and health advocacy resources
401(k) retirement savings plan with company match and immediate vesting
Paid holidays
Paid time off (PTO)
Sick leave
Paid volunteer time
Parental leave
Other leave programs
Employee Assistance Program (EAP) offering confidential counseling and support services
Professional development and training opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

APT detectionpacket-level traffic analysisweb log analysisapplication log analysispattern analysisdeception technologiesforensic analysismalware investigationNETFLOW analysisPCAP analysis

Soft Skills

analytical skillsproblem-solving skillsinvestigative skillscommunication skillscollaboration skills

Certifications

Security+CISSPGCIHGCIAGREMGSECGCEDGCFAGSLCGSNA