CSOC Analyst identifying cybersecurity issues and analyzing network traffic for mitigation strategies. Joining a team at Nightwing to enhance resilience and security operations for mission support.
Responsibilities
Identify cybersecurity problems that may require mitigating controls
Analyze network traffic to identify exploit- or intrusion-related attempts
Recommend detection mechanisms for exploit- and/or intrusion-related attempts
Provide subject matter expertise on network-based attacks, network traffic analysis, and intrusion methodologies
Escalate items which require further investigation to other members of the Threat Management team
Execute operational processes in support of response efforts to identified security incidents
Participates in a team of security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible party, determine remediation, and recommend security improvements
Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
Follows strict guidance on reporting requirements
Keeps management informed with precise, unvarnished information about security posture and events
Promotes standards-based workflow both internally and in coordinating with US-CERT
Engages with other internal and external parties to get and share information to improve processes and security posture
Supervises and guides team efforts
Communicates to CISO leadership
Produces design documentation
Leads analyzing/investigating reports or anomalies
Requirements
Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
Must have 2+ years of relevant work experience
Must have experience in: Endpoint Detection and analysis, Sysmon log analysis, IT security, Network traffic analysis
Knowledge of Control Frameworks and Risk Management techniques
Excellent oral and written communication skills
Excellent interpersonal and organizational skills
Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
Strong understanding of common IDS/IPS architectures and implementations
Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
Desired Skills: Splunk experience, developing queries, data models, and dashboards; Cloud monitoring experience is a plus; Excellent writing skills
Benefits
Nightwing is an Equal Opportunity/Affirmative Action Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.