Director leading security operations and enhancing vulnerability management at IDEXX. Driving strategic execution and operational excellence across key domains in cybersecurity.
About the role
- Identification of Cybersecurity problems which may require mitigating controls.
- Analyze network traffic to identify exploit or intrusion related attempts.
- Recommend detection mechanisms for exploit and or intrusion related attempts.
- Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies.
- Escalate items which require further investigation to other members of the Threat Management team.
- Execute operational processes in support of response efforts to identified security incidents.
- Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements.
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
- Follows strict guidance on reporting requirements.
- Keeps management informed with precise, unvarnished information about security posture and events.
- Promotes standards-based workflow both internally and in coordinating with US-CERT.
- Engages with other internal and external parties to get and share information to improve processes and security posture.
- Supervises and guide team efforts.
- Communicates to CISO leadership.
- Produces design documentation.
- Leads analyzing/investigating reports or anomalies.
Requirements
- Must be eligible to obtain a sensitive clearance – Position of Public Trust.
- Must have 5+ years of relevant work experience.
- Must have experience in: Endpoint Detection and analysis, Sysmon log analysis, IT security, Network traffic analysis.
- Strong working knowledge of: Boolean Logic, TCP/IP Fundamentals, Network Level Exploits, Threat Management, Regular Expressions.
- Knowledge of Control Frameworks and Risk Management techniques.
- Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies.
- Strong understanding of common IDS/IPS architectures and implementations.
- Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection.
- Certifications (one or more desired) DOD 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), Sec+, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, or CCNA.
- U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Benefits
- Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services.
- The ability to obtain and maintain a U.S. government issued security clearance is required.
- Excellent interpersonal and organizational skills.
- Collaborate with cross-functional teams to deliver high-quality security incident resolutions.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
DE
IT Security Operations Specialist ensuring security of global networks, systems, and data. Implementing security controls and performing advanced threat hunting using Microsoft Sentinel and Darktrace.
SU
SunrunStaff SOC Analyst
Staff SOC Analyst driving advanced threat detection and incident response for Sunrun's security team. Leading complex investigations, mentoring analysts, and improving detection capabilities in a remote setup.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst monitoring global events and managing critical incidents for Netflix's security operations. Ensuring timely communication and assessment during major security threats.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst focusing on critical events and risk management operations at Netflix. Monitoring global threats and coordinating incident management efforts in a hybrid work setting.
AS
A SocietySecurity Operations Center Engineer
Security Operations Center Engineer enhancing security posture via automation and threat hunting. Requires strong experience with SIEM and SOAR platforms and Python scripting.
CA
Credit AcceptanceSecurity Operations Vulnerability Analyst II
Security Operations Vulnerability Analyst II identifying and mitigating security vulnerabilities. Collaborating with teams to ensure timely risk remediation and protection of enterprise systems.
ON
OntinueSOC Analyst
Cyber Defender (SOC Analyst) acts as the key point of contact for major security incidents. Coordinating response efforts and enhancing procedures at a leading AI - powered security partner.
CI
Core Specialty Insurance Holdings, Inc.Junior Security Operations Center Analyst
Junior SOC Analyst at Core Specialty responsible for monitoring and triaging security alerts across IT environment. This role offers hands - on experience in cybersecurity with a fast - paced operational environment.
TN
Transport for NSWSecurity Operations Coordinator – Temporary Opportunity
Security Operations Coordinator overseeing security strategies and managing operations for public safety in NSW. Collaborating with law enforcement and enhancing transport system resilience with flexible work options.