
Incident Detection

Advantage Resourcing

This is a Full-time position in Plano, TX posted March 21, 2021.

Position: Incident Detection
Location: Plano, TX
Job Type: Full-time, Contract
Work Remotely: Temporarily due to COVID-19

Summary

The Incident Detection role helps security operations by responding to escalated alerts and monitoring alerts.

This position conducts in-depth analysis of security events with the specific ability to identify Indicators of Compromise, perform intrusion scope and root cause analyses, and implement triaging protocols to mitigate potential damage to our cyber ecosystem.

Essential Duties Include But Are Not Limited To:
•Conducts Event Detection, Incident Triage, Incident Handling, and Hunting activities by leveraging our detection/response platforms
•Continuously monitors levels of service, and interprets and prioritizes threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed
•Provides 24×7 incident detection and monitoring service, and performance reports on a regular basis
•Escalates cyber security events according to playbook and standard operating procedures (SOPs)
•Remediates non-compliance with technical and security requirements
•Escalates high or critical severity level incidents to Incident Investigators
•Assists with containment of threats and remediation of environment during or after an incident
•Performs triage of service requests from customers and internal teams
•Develops and implements remediation plans in response to incidents
•Updates procedures and configures tools for Monitoring Analysts' consumption
•Consumes threat intelligence and disseminates findings to relevant parties
•Conducts hunting activities based on internal and external threat intelligence
•Integrates additional supported log sources/devices and develops new use cases as required

MINIMUM QUALIFICATION

•Has to be flexible and available for the various shifts (our day shift is 6am to 6pm, and the night shift is 6pm to 6am, as we run a 24/7 SOC operation, and that includes weekends as well. It will be 2 days off then 2-3 days on. Day and night shifts would rotate every few months.)
•8+ years cyber security experience required
•3+ years of experience in incident response handling
•BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
•2+ years of experience using event escalation and reporting procedures, managing security alerts within enterprise SIEM systems, and performing network monitoring in a Cyber Security Operations environment
•Working knowledge of security technologies such as Active Directory, anti-malware tools, forensics tools, firewalls, identity access management, IDS / IPS, multi-factor authentication, network devices, SIEM, threat intelligence, vulnerability scanners, monitoring tools, and web filters on premise and in cloud environments required
•Demonstrated analytical, problem-solving, and critical thinking skills required
•Ability to work with little supervision and consistently deliver results required
•Familiarity with network technologies and protocols (switches, routers, firewalls, VPNs, remote connection technologies, and multiple domain environments) strongly preferred

PREFERRED QUALIFICATION

•Experience with Splunk and other SIEM platforms, Enterprise Intrusion Prevention Systems, Endpoint Detection tools, and other security products
•Experience conducting incident handling and response efforts in large enterprise environments
•Experience supporting incident investigations
•Experience working in a 24/7 SOC environment
•Security certifications (e.g. Security+, Network+, CEH, SANS etc.)

About Advantage Resourcing

Advantage Resourcing is committed to providing equal employment opportunity for all persons regardless of race, color, religion (including religious dress and grooming practices), sex, sexual orientation, gender, gender identity, gender expression, age, marital status, national origin, ancestry, citizenship status, pregnancy, medical condition, genetic information, mental and physical disability, political affiliation, union membership, status as a parent, military or veteran status or other non-merit based factors.

We will provide reasonable accommodations throughout the application, interviewing and employment process.

If you require a reasonable accommodation, contact us.

Advantage Resourcing is an E-Verify employer.

This policy is applicable to all phases of the employment relationship, including hiring, transfers, promotions, training, terminations, working conditions, compensation, benefits, and other terms and conditions of employment.

All employees are directed to familiarize themselves with this policy and to act in accordance with it.

All decisions with respect to employment matters and other phases of employer-temporary employee relationships will be in keeping with this policy and in accordance with all applicable laws and regulations.
