Job Description
Required Skills:
Critical thinking and analysis
Strong sense of ownership
Highly curious
Fascination with big airplanes and travel
Able to work independently with minimal direction
Typical Duties and Responsibilities:
Standard 3 days on site, more as required
Travel occasionally for 0-2 nights
Maintain documentation
Support enterprise logging and analysis solutions
Analyze log files for suspicious activity
Analyze event data for suspicious patterns
Analyze log sources, assess threats, and define alerting criteria
Develop log policies by creating rules, setting thresholds, and prioritizing alerts based on impact and urgency
Work with IR Engineering to configure data ingestion, detection rules, and fine-tune detection
Work with CIRT to configure incident creation, explore opportunities to enrich incident data, and assign incidents to CIRT teams
Review policies regularly, address false positives/negatives, and stay updated on technology
Data extraction
Reporting
Desired Skills (proficient):
Windows 10
Windows Server 2019
Linux Ubuntu 2018
Scripting (PowerShell, BASH, Python, etc.)
Desired Skills (familiar):
MySQL
Anvilogic
FluentBit
Desired Certifications:
CompTIA Security+, Certified Information Systems Security Professional (CISSP)
Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.