Cyber Security Operations Engineer - Splunk

Leading Path Consulting Moorestown , NJ 08057

Posted 1 week ago

We are looking for a Cyber Security Operations Enablement Engineer (Contractor) to help support critical functions of our Cyber Security Operations Center (CSOC). This role is expected to develop and maintain an expert-level understanding of all facets of daily operations, including process & technology, while developing & on-boarding new SIEM content & tuning detection technologies.

RESPONSIBILITIES:

  • Conduct continual analysis of the complete CSOC security toolset, gaining an expert-level understanding of all features along with how they may be most effectively utilized.
  • Perform tuning & optimization of security tools & SIEM rules, partnering with other stakeholders within CCS and Comcast technologies groups as required.
  • Build working relationships with product owners to enable early awareness of new feature pipelines. Evaluate all new features for inclusion into CSOC operations.
  • Identify opportunities for automation and run associated development efforts.
  • Validate completed use cases for SIEM rules and test that rules have been properly implemented.
  • Recommend new use cases for SIEM rule creation and log intake.
  • Develop and troubleshoot automated playbooks for orchestration tools.
  • Create and edit technical documentation and runbooks.
  • Participate in Cyber Security investigations & incident response activities.
  • Conduct proactive monitoring as needed in response to company & global events.
  • Other duties and responsibilities as assigned.

Requirements

EXPERIENCE REQUIRED:

  • At least 5+ years of related experience.
  • Proven hands-on experience building & managing Splunk use cases & content driven from customer requirements.
  • Solid technical understanding of common log formats & source designs, along with subject-matter-specific expertise in Splunk & Splunk Enterprise Security.
  • Experience configuring, tuning, and evaluating the efficacy of key security tools including but not limited to firewalls, VPN, proxies, endpoint protection, DLP, CASB, SIEM, anti-malware, and forensics.
  • Familiarity with scripting languages such as Bash, Python, and/or PowerShell.
  • Experience with major automation technologies such as Ansible, Puppet, and/or Chef.
  • Demonstrated experience with Microsoft Windows and Unix operating systems, including command-line tasks and scripting.
  • Expertise in conducting security assessments & configuration of major public & private cloud services.
  • Understanding of the MITRE ATT&CK framework along with experience applying it across various security processes.
  • Advanced knowledge of computer networking concepts and protocols along with experience conducting network traffic & packet-level analysis.
  • Knowledge of advanced cyber threats and attacker methods, including corresponding tactics/techniques/procedures (TTPs).
  • Understanding of common types of attacks & vulnerabilities, including CVSS, OWASP Top 10, and CWE.
  • Demonstrated ability to understand & assess security risk.
  • Knowledge of incident response and handling methodologies.
  • Superior technical writing, presentation, and organizational skills.

Work will be primarily remote with occasional on-site work in Moorestown, NJ.

Benefits

Leading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional work environment with a strong work-life balance. Leading Path provides a comprehensive and competitive benefits package, 401K, tuition reimbursement, and opportunities for professional growth and advancement.


Similar Jobs

Cyber Security Incident Engineer (Enterprise & Forensics)

Leading Path Consulting

Posted 10/28/2020

Cyber Security Incident Engineer - Forensics

Moorestown, NJ

Summary

Responsible for conducting technical cyber security investigations utilizing leading forensic software to identify, collect, preserve and analyze electronic data from across variant technologies. The position will involve active participation in all phases of incident response and digital forensic evidence collection, including malware reverse engineering. Responsible for determining the scope of a potential security breach by employing host- and network-based forensic analysis, determining if the activity was ultimately successful in compromising security controls, and coordinating root cause analysis. Works independently with minimal-to-no supervision while also demonstrating the ability to be a subject matter expert on projects and initiatives autonomously.

Core Responsibilities

  • Evaluate, design and implement cyber security forensics solutions to pre-stage the ecosystem for use during an investigation.
  • Examine systems for points of intrusion and recreate the breach scenario.
  • Oversee chain of custody by maintaining preservation, collection, processing and production of electronically stored evidence.
  • Conduct host- and network-based data forensic investigations.
  • Work closely with various groups, such as Investigations, internal and external counsel, internal audit, security, and human resources, on internal matters.
  • Provide support to the Security Incident Response Team (SIRT) in the effective detection, analysis, and containment of attacks.
  • Collaborate and build relationships across the organization and in industry groups to obtain the latest investigative best practices.
  • Analyze malware and perform reverse engineering to drive intelligence and assist in containment and eradication.
  • Create briefings to educate leadership, IT operations staff, and users about technical threats.

Requirements

Skill and Abilities

  • Demonstrated proficiency and deep technical knowledge of cybersecurity forensic collection and data analysis tools (e.g., EnCase, FTK, X-Ways, TSK, Volatility, Honeyd, Firebug, Burpsuite, Redline).
  • Perform as subject matter expert on technical incident response handling and digital forensics, capable of planning, executing, and directing all phases of incident response.
  • Solid understanding of threat actor techniques related to reconnaissance, server attacks (with emphasis on web applications), end-user attacks, network-based attacks, expanding foothold (pivoting), and hiding tracks.
  • Advanced understanding of Linux, Windows operating systems, and network routers / switches.
  • Advanced proficiency in information security principles and standards.
  • Knowledge of and experience with incident handling procedures and pursuing incidents.
  • Experience determining the cause and extent of data loss and advising on a remediation plan.
  • Ability to present risks and propose countermeasures to a non-technical audience.
  • Demonstrated proficient decision-making skills, analytical and problem-solving ability.
  • Ability to deliver succinct and fact-based communications, both verbally and in writing, at various management layers.

Education Level: Bachelor’s degree; master’s preferred.

Field of Study: Information Assurance, Computer Science or related field.

Certifications: Required: CISSP; CISA, or GIAC.

Years’ Experience: Requires 5-7 years related experience.

Benefits

Leading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional work environment with a strong work-life balance. Leading Path provides a comprehensive and competitive benefits package, 401K, tuition reimbursement, and opportunities for professional growth and advancement.
