LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.
Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.
At least five years of experience performing the functions associated with this labor category.
Experience administering and maintaining the logic for a variety of intrusion detection, prevention, and analysis platforms that are designed to identify and/or technically counter attempted intrusions as part of a defense-in-depth program that protects both local (onpremises) and cloud computing systems.
This includes authoring and implementing custom detection content for signature-based detection systems, security information and event management (SIEM) systems, host-based detection systems, and firewall logic.
Experience monitoring real-time network activity flagged by a variety of intrusion detection, prevention, and analysis platforms and experience analyzing the resulting raw data, metadata, and event logs to confirm suspected intrusion attempts into either local (onpremises) or cloud computing systems.
Experience investigating network anomalies and responding to cybersecurity incidents in either local (on-premises) or cloud computing systems, including all phases of the digital forensics and incident response process (e.g. preparation, scoping, containment, eradication, remediation, recovery, lessons learned, and closeout).
Experience implementing and maintaining a fully operational data loss prevention capability that prevents the loss of data from local (on-premises) and/or cloud computing systems.
Capabilities
Administer and maintain logic for a variety of intrusion detection, prevention, and analysis platforms.
Author and implement custom detection content for signature-based detection systems, security information and event management (SIEM) systems, host-based detection systems, and firewall logic.
Monitor real-time network activity flagged by a variety of intrusion detection, prevention, and analysis platforms and analyze raw data, metadata, and event logs to confirm suspected intrusion attempts into either local (on-premises) or cloud computing systems.
Investigate network anomalies and respond to cybersecurity incidents in either local (on-premises) or cloud computing systems.
Implement and maintain a fully operational data loss prevention capability that prevents the loss of data from local (on-premises) and/or cloud computing systems.
Certifications
Certified Information Systems Security Professional (CISSP)
Certified Incident Handler (GCIH)
GIAC Network Forensic Analyst (GNFA)
GIAC Certified Forensic Analyst (GCFA)
Equivalent
Seniority level
Associate
Employment type
Contract
Job function
Information Technology
Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at RecruitTalent, LLC. by 2x