Littleton, Colorado, USA
46 days ago
Cyber Threat Analyst/Hunter

Company Description

ClientSolv Technologies is an IT solution firm with over a decade of experience serving Fortune 1000 companies, public sector and small to medium sized companies. ClientSolv Technologies is a woman-owned and operated company that is certified as a WMBE, 8a firm by the Federal government's Small Business Administration.


Job Description

We are seeking a Cyber Threat Hunter/Analyst for a contract opportunity in Littleton, CO. In this role, you will configure security solutions and identify and prioritize potential threats. You will also perform incident response, issue resolution, and assessment or communication of security risk to the enterprise, and provide support by monitoring real-time security alerts, identifying and prioritizing potential threats. You will lead security incident investigations and complete and deliver complex security reports to management in business terms. Additional responsibilities of this role are as follows:


• Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
• Create correlations and other logic to identify attackers and defend the network against advanced attacks.
• Hunt for and identify threat actor groups and their techniques, tools and processes.
• Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses.
• Provide expert analytic investigative support of large-scale and complex security incidents.
• Perform Root Cause Analysis of security incidents for further enhancement of the alert catalog.
• Daily Traffic Review – replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
• Report Run Verification – ensure customer reports run as scheduled.
• Improve their knowledge of the customer environment, intrusion detection methodologies, and intrusion detection services with the support of ongoing training from the analysts and self-study.
• Review the SOC Activity Log, cases and other monitoring tools for a complete understanding of previous shift activities and incidents.
• Handle Tier 2 event incident response, case management, and customer notification.
• Ensure security devices contain up-to-date signature libraries.
• Assist with engineering tasks as necessary.
• Train SOC Level 1 Analysts on new attack signatures and attack methodologies.
• Provide process and operational improvement suggestions.
• Review and update documentation (such as SOPs and TTPs).
• Complete vendor training as requested by Management.
• Daily Case Management – the Security Analyst will review open cases and provide any follow-up that may be required.
• SOC Activity Log – creating, reviewing, and maintaining entries, working with other analysts.
• Report Creation – creating temporary or permanent reports for customers, as requested.
• Tuning – regularly performing tuning and filtering of SIEM alerts and monitoring components to ensure only relevant security data is gathered.



Qualifications


• 5+ years of Information Security experience
• 5+ years Firewall management and rules analysis
• 2-4 years of systems analysis
• Working knowledge of Linux and syslog from CLI
• Excellent writing and communications skills
• Familiarization with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
• Ability to work in a dynamic team-centered environment

Certifications preferred (any of these will be great):

• Certified Information Systems Security Professional (CISSP)
• Information Systems Security Engineering Professional (CISSP-ISSEP)
• Systems Security Certified Practitioner (SSCP)
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• Certified Security Analyst (ECSA)
• Certified Incident Handler (ECIH)
• CompTIA Cybersecurity Analyst (CSA+)
• Information Technology Infrastructure Library (ITIL)
• Cisco CCNA
• Cisco CCNP + Security
• GSEC
• GCIH
• GCIA
• MCSE
• Linux+

Additional Information

This contract role is located onsite in Littleton, CO. Due to the Federal Government projects this role will be supporting, the selected candidate will need to be a U.S. Citizen.
