Job Description

Position Summary

Respond to alerts and validate findings

Escalate security incidents incident response teams for investigation / remediation

Support Incident Response investigations for Coretek and Coretek customers

Learn to perform analysis of logs and alerts

Coordinate with appropriate teams to provide incident handling and response support

Responsibilities:

3-5 years\xe2\x80\x99 experience in SOC

Knowledge of incident response, investigation, system forensics, or related cyber security education / self-learning

Familiarity with Windows and Linux operating systems including command line operation

Possess a foundation in networking fundamentals and TCP/IP

Knowledge of common network-based services and common client/server applications

Handle security incident escalation via Cyber Case Management tools, SIEM, ITSM, email, phone, or walk-up

Excellent problem-solving skills to diagnose technical issues

Experience working on a security operations team

Experience reviewing and analysing log data from various network and security devices

Experience with well-known information security related tools for packet capture, network/OS fingerprinting, and communication

Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge

Experience with enterprise SIEM products

Experience with ITSM, SOAR, or Cyber Case Management Tools

Scripting with Python, Perl, Bash and/or PowerShell a plus

Database structures and queries, Regular Expressions a plus

Experience acquiring and analysing data from clients and servers related to security incident response

Digital Forensic or Threat Intelligence work

Ability to learn new technology and concepts quickly

Ability to work on a shift or on-call rotation if needed

Learn to use and improve incident response procedures & runbooks

Certifications in Cyber security, Information Security, networking is preferred

Coretek Services