24 Nov
Threat Hunter / Cybersecurity Engineer - Remote / Telecommute
Vacancy expired!
We are looking for a Threat Hunter / Cybersecurity Engineer - Remote / Telecommute for our client in Chicago, IL.
Job Title: Threat Hunter / Cybersecurity Engineer - Remote / Telecommute
Job Location: Chicago, IL
Job Type: Contract
Job Description:
- Experience with security devices such as SIEM, IDS/IPS, HIDS/HIPS, anomaly detection, firewalls, antivirus systems, and Endpoint Detection & Response tools, and with their log output.
- Experience in analyzing large data sets.
- Experience using data mining, analytic, and visualization tools, such as data lakes (Elastic, HDFS), Linux command-line tools (e.g. grep, cut, sort), and regular expressions.
- Experience with industry taxonomies and frameworks such as the Cyber Kill Chain, MITRE ATT&CK, MITRE CAPEC, MITRE CAR, NIST, CIF, SANS, and STIX 2.0.
- Skills to analyze attack vectors against a particular system to determine the attack surface.
- Ability to produce contextual attack models applied to a scenario.
- Ability to describe intrusion sets in terms of the Cyber Kill Chain and tactics, techniques, and procedures (TTPs).
- Ability to coordinate with other security focal points during an active incident.
- Knowledge of security controls, how they are monitored, and how they can be bypassed.
- Knowledge of vulnerability detection and response from a Threat Hunting point of view.
- Network forensics: network traffic protocols, traffic analysis (e.g. network flows and PCAP), and intrusion detection.
- Analytical, logical, and problem-solving skills.
- Knowledge of cyber security threats, threat actors, and their associated TTPs.
- Knowledge of OSI layers.
- Knowledge of security tools at the application, data, network, and endpoint layers.
- Knowledge of malware-analysis and malware functionalities.
- Knowledge of native system and network policies.
- Knowledge of query and rule languages such as regular expressions, YARA and Snort rules, AQL, and KQL.
- Basic knowledge of scripting languages such as Bash, Python, and PowerShell.
- Knowledge of log formats (syslog, HTTP logs, database logs) and how to gather forensic evidence that can be traced back to a security event.