Cyber Security Sample Role

Updated: Apr 5, 2023

Monitor for indicators of attack and improve our processes and procedures. This person will be responsible for detecting threats and vulnerabilities in target systems, networks and applications by conducting system, network and web vulnerability assessments and security testing. The ideal candidate will also have experience reviewing security events from multiple systems (Windows, Unix, routers, switches and endpoints) and be able to tell which events are benign and which may be malicious based on data classification, behavior and context.



Job Duties:

  • Review and triage events, and design and implement correlation searches that keep pace with changes in the environment while reducing false positives.

  • Monitor for and detect security events from the SIEM (e.g. Splunk), log collection engines and other security technologies, and perform investigations using monitoring technologies such as IDS/IPS and DLP.

  • Review alerts escalated by end users and perform initial triage of incoming issues: assess the priority of the event, make an initial determination of risk and damage, or route security or privacy data requests appropriately.

  • Monitor health alerts and downstream dependencies, provide limited response to end users for low-complexity security events, and review false positives with the various security teams to tune the alerts and improve their accuracy.

  • Document and investigate security events, notify the appropriate contacts, and participate in the resolution of events, even after they are escalated.

  • Collaborate with technical teams on security incident remediation and communication.

  • Conduct proofs of concept and vendor comparisons, recommend solutions in line with business requirements, and research threats and remediation methods.

  • Contribute to strategic planning to evaluate, deploy or update security technologies.

  • Drive process improvement by identifying inefficiencies and proposing solutions, while following a standard methodology to identify and detect threats to the IT infrastructure, applications and other information assets.

  • Promote cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting.

  • Keep job knowledge current by tracking emerging security practices and standards, participating in educational opportunities, and reading professional publications.


Required Qualifications & Experience:

  • Bachelor’s Degree is required

  • 3+ years' experience in information security, governance, IT audit or risk management, including security investigation processes and procedures

  • Experience writing correlation searches in Splunk ES

  • Demonstrable technical experience with enterprise security technologies such as SIEM, antivirus/anti-malware, IDS, WAF and DDoS mitigation platforms

  • General networking knowledge: TCP/IP, Internet routing, UNIX/Linux and Windows operating systems

  • Understanding of common network services (web, mail, DNS, authentication)

  • Previous experience with Windows/UNIX scripting (bash, Python, PowerShell) and regular expressions
