Sr. Cyber Security Investigator for a long-term consulting role on their Cyber Security Blue Team. The key skills are extensive experience dealing with intrusions, an excellent understanding of Cyber Security best practices, and strong Incident Response and Cloud Security skills, preferably with Azure Security Center.
RESPONSIBILITIES

As a Cyber Security Investigator on this Blue Team, you will monitor alerts from the security tools and investigate why the alerts occurred, providing triage and not remediation. You will segregate the issue, determine whether it is a false positive or a real intrusion, and then act accordingly, deciding whether the alert should be addressed or ignored. You will also provide performance tuning for security tools, identify improvements to processes and policies, and suggest how to improve security policies. The focus of this role will be on investigations in the Cloud, so there is a big emphasis on having a Cloud Security background. At first, you will work extensively with Azure Security Center; later the environment will move to an AWS tool, GuardDuty.
REQUIRED SKILLS

Intrusions and alerts
Security monitoring
Cyber Security best practices
Incident Response
Azure Security Center
Log Analytics