Newsgroups: comp.databases.ms-sqlserver
Date: Fri, 17 Jan 2020 10:33:51 -0800 (PST)
Message-ID: <5dafa926-d885-4bf7-b4b7-70a5e4274fb2@googlegroups.com>
Subject: CYBER SECURITY ANALYST_Oradell,NJ
From: recruiter 642

Role: CYBER SECURITY ANALYST
Location: Oradell, NJ
Job Type: C2C, C2H
Duration: 12 Months

Duties and Responsibilities:
• Investigate, analyze & respond to SIEM events with articulate analysis and clear response guidance to other partner teams through established communication mechanisms like ticketing systems.
• Work closely with the Security Engineering team by providing inputs in the areas of SIEM, especially with new log source integrations, visibility gaps, use case development, monitoring and documentation.
• Improve the efficiency of the programme by always looking for opportunities to tune security controls (SIEM, IPS, WAF, EPP) to enhance the security posture of the enterprise.
• Contribute to Incident Response by actively participating in different roles while simultaneously engaging with the IR Lead.
• Develop an in-depth understanding of different organization workflows & contribute to the kill chain diagrams & playbooks for different IR scenarios.

Requirements:
• Experience working on SIEM tools like QRadar, Splunk & ArcSight.
• Expertise in triaging, analyzing & responding to different SIEM events/offenses that normally include logs from a variety of platforms.
• Experience in developing use cases based on a given context, tuning the SIEM for reducing false positives & increasing detection of adversarial tactics, techniques and procedures (TTPs).
• Experience in doing Incident Response through all phases by assuming the different roles of Incident Manager, Scribe and Engineer. Ability to assess the criticality of the asset/incident and ability to escalate as required.
• Strong understanding of Network Security controls & ability to utilize them during IR.

If you are interested please share your resume at resumes@usajobservices.com