Overview
Our client is a young, growing organization providing consulting and advisory services in cyber security, cyber intelligence and cyber defense. These services are provided for companies in a wide range of industries including financial services, health, chemical, technology & communications, manufacturing, transportation, utilities, etc. Some of the offerings they provide are architecture, engineering, transformative services, response & remediation, enterprise security testing, industrial control systems security, security assessments & strategy, SOC transformation, etc. Due to growth, we are recruiting for several key positions including Cyber Security Operations Consultants. Selected individuals will have a growth path, an opportunity to learn and the ability to make an impact.
Work in the Philadelphia area or remotely from home.
Responsibilities
- SOC Operations provides the opportunity to work in dedicated network defense environments with focus on threat identification, incident response, cyber threat intelligence infusion, and mitigations to ensure defensive resiliency.
- The threat monitoring role is primarily responsible for network defense to include monitoring of the SIEM and security technologies to verify potential threat activity.
- Candidates will serve as Subject Matter Experts, guiding clients in their efforts to refine and improve investigative and communication workflows.
- Daily activities include providing expert guidance to clients in their analysis of network logs, processing of mitigations, and determination and escalation of threat detections.
- Successful candidates will help maintain the defensive state of detection and alert capabilities for clients during this process and will be expected to work collaboratively in a teaming environment with various touchpoints, handoffs, and continuous prioritization.
Required Qualifications
- Experience working in a Security Operations Center or similar environment providing threat monitoring, intrusion detection, analysis, threat determination, and mitigations processing and tracking.
- Hands-on experience in performing Incident Response and Cyber Threat Intelligence functions.
- Previous experience triaging threats derived from various intakes to include security technology alerts, user reported tickets, and other internal SOC organizations.
- Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
- Experience working across organizational lines of business to implement mitigations, remediations, and countermeasures resulting from cyber threat intrusions.
- Experience deploying Fidelis to egress points, data centers and remote sites.
- Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
- Ability to successfully communicate and transfer knowledge to provide clients with self-sustainable threat security programs.
- Previous experience working with and documenting analysis results in a knowledge and/or intelligence management system.
- Previous experience working with various network and system security technologies to include SIEM (such as Splunk ES, Securonix, IBM QRadar, HP ArcSight, and/or McAfee ESM/Nitro), data analytics platforms, endpoint tools, network technologies and appliances, etc.
- Experience with integrating industry-recognized network defense frameworks (e.g., MITRE ATT&CK™, Lockheed Martin Cyber Kill Chain, Diamond Model, etc.) into network defense processes.
- Ability to evangelize security concepts to a wide audience and influence decision-making processes.
- Strong communication (both verbal and written) and client intimacy skills with experience briefing corporate executives and professionals.
- Must be self-motivated and able to work both independently and as part of a team.
- Bachelor’s Degree in an IT-related field and/or equivalent work experience.
Desired Qualifications
- Master’s Degree in Cyber Security or IT-related field.
- Certifications: CISSP, GCIH, GCFA, GCFE, GMON, GSEC, or other relevant security certifications.
- Provide input, guidance and direction on the overall market offering(s) related to SOAR and play an active role in evangelizing, building and developing our portfolio.
- Experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
- Knowledge of security best practices in hardening and protecting networks, servers, endpoints, applications, and databases.
- Project Management experience, including a deep understanding of the client’s environment, the overall project scope, work plans, milestones, and engagement schedules.
- Experience in managing cyber security functions, strategy, and risk within Fortune 500 companies, or providing those services in a consulting capacity.
- Knowledge of industrial control systems, compliance standards (e.g., NERC CIP), and related cyber security standards (e.g., IEC 62443).
Address: 5 Lyons Mall, Basking Ridge, NJ 07920