• Strong Linux and Python skills preferred.
• Monitoring devices such as McAfee Security Information and Event Management (SIEM), McAfee ePO Threat Workspace, Endpoint Security Suite threat events, McAfee Active Response (Endpoint Detection and Response, EDR), Advanced Threat Defense (ATD sandbox), Threat Intelligence Exchange, Data Exchange Layer, network- and host-based intrusion detection systems, User and Entity Behavior Analytics, email gateway advanced threat protection, web application firewalls, database security monitoring systems, firewalls/routers/switches/VPNs, file integrity monitoring tools, Active Directory logs, and operating system logs.
• Responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating email-borne threats such as spam and phishing.
• Identifies and mitigates vulnerabilities, using alternate or compensating controls where necessary.
• Recognizes potential security violations, takes appropriate action to report the incident as required by regulation, and mitigates any adverse impact.
• Basic technical understanding of MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) knowledge base.
• Basic technical understanding of MITRE's Ten Strategies of a World-Class Cybersecurity Operations Center.
• Basic technical understanding of the cybersecurity threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
• Basic technical understanding of network fundamentals and common Internet protocols.
• Familiarity with Microsoft Windows, macOS, and Linux/Unix system administration and security controls.
• Good verbal and written communication skills; ability to communicate effectively and clearly with both technical and non-technical staff.
• Preferred candidates hold a technical degree or diploma in computer science, information technology, or a related cyber field.
• System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
• Scripting skills (e.g. Python/Perl, shell scripting) are a significant plus.
• Prior experience in a 24x7x365 operations environment.
Applicants must be authorized to work in the U.S.
CyberCoders, Inc is proud to be an Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.
Your Right to Work – In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.