Back to jobsApply
Dragonfli Group

CyberSecurity as a Solution: Enabling Secure Business.

Cyber Threat Analyst

Threat Intelligence SpecialistSecurity AnalystFull TimeRemoteTeam 11-50H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

38 days ago

Salary

Not specified

Bachelor Degree7 yrs expEnglishCloudCyber SecurityLinuxSplunkUnix

Job Description

• Perform triage on security escalations and detections to determine scope, severity, and root cause; monitor cybersecurity events and investigate incidents efficiently. • Identify, recommend, and implement automation use cases leveraging AI/ML capabilities to accelerate response times. • Support the deployment, configuration, testing, and maintenance of the Security Orchestration, Automation, and Response (SOAR) platform, specifically focusing on SentinelOne and Splunk integrations. • Create and modify detection rules, signatures, and alerts across SIEM and EDR platforms (Splunk and SentinelOne) to reduce false positives and enhance fidelity. • Analyze alerts from Cloud, SIEM, EDR, and XDR tools; build and maintain comprehensive dashboards and perform complex queries to support decision-making. • Perform vulnerability assessments of discovered CVEs against agency systems and analyze network traffic to provide actionable security recommendations. • Apply security frameworks such as MITRE ATT&CK and NIST to interpret use cases into actionable monitoring solutions. • Effectively communicate technical findings to non-technical audiences and influence stakeholders to comply with security standards and best practices.

Job Requirements

  • 7+ years of experience with security operations, threat hunting, and incident response
  • Experience in analyzing alerts from Cloud, SIEM, EDR, and XDR tools, and alerts tuning process with preference on SentinelOne, Armis, and Splunk.
  • Experience in configuring network devices and analyzing network traffic
  • Experience with Artificial Intelligence and Machine Learning (AI/ML) based security tools.
  • Experience in researching, developing, and implementing SOAR use cases.
  • Familiar with Security Orchestration, Automation, and Response (SOAR) platform
  • Familiarity with cybersecurity operation center functions.
  • Experience configuring and re-configuring security tools, including SentinelOne and Splunk.
  • Experience implementing Security frameworks, such as MITRE ATT&CK and NIST, and can interpret use cases into actionable monitoring solutions.
  • MUST have one or more of the following Certification(s): CISSP, CISA, CISM, GIAC, RHCE.
  • Strong working knowledge of: Develop, test and Implement dynamic Risk-Based Alerting (RBA) Identifying and developing RBA and identifying use cases for SOAR and AI/ML. Monitor and analyze alerts from various sources such as IDS/IPS, Splunk, Tanium, MS Defender, SentinelOne and Cloud security tools leveraging SOAR and AI/ML capabilities, and provide recommendation for further tuning of these alerts when necessary. Analyze network traffic utilizing available tools and provide recommendations. Perform vulnerability assessments of recently discovered CVEs against USPS systems and network. Assist in the process of configuring or re-configuring the security tools. Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, UNIX, Linux, as well as embedded systems and mainframes. Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave. Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements.

Benefits

  • Insurance – health, dental, and vision
  • Paid Time Off (PTO) and 11 Federal Holidays
  • 401(k) employer match

Related Job Pages

Remote Full-time Jobs (US)More US Remote Jobs

More Threat Intelligence Specialist Jobs

Intelligence Analyst

DarkTower

Cyber Intelligence Solutions | A Division of Queen Associates

Threat Intelligence Specialist40 days ago
Part TimeRemoteTeam 11-50H1B No Sponsor
Company SiteLinkedIn

Intelligence Analyst providing open source cyber intelligence in a remote role

Open Source
View details: Intelligence Analyst
North Carolina
$12 - $15 / hour
Apply

Chief of Staff

Ando Technologies, Inc
Threat Intelligence Specialist40 days ago
Full TimeRemote

Ando is building AI-native workforce infrastructure for the 80M hourly workers in the U.S. and hundreds of millions globally. Labor is the last broken supply chain. Forecasting, allocation, and professional identity remain fragmented across static tools and manual decision-making...

View details: Chief of Staff
United States
Apply

Laser Applications Specialist

X SERIES USA
Threat Intelligence Specialist41 days ago
Full TimeRemoteTeam 2-10

This is a remote position. Baselining/debugging new CNC equipment systems Training new customers and operators on equipment operation, procedures, and best practices Troubleshooting existing equipment systems Performing data analysis to assess machinery performance Documenting ma...

View details: Laser Applications Specialist
United States
Apply

Tech Lead, Implementation

HeadFirst B.V.
Threat Intelligence Specialist41 days ago
Full TimeRemote

Job Description Implementation – Tech Lead Position Dimensions Business Unit: Customer Experience (CX) Job Band: 6 Reports to: Manager, Technology Solutions Implementation Job Family: Reporting, Tech and Automation Direct reports: None Job family subset: Tech Implementations Budg...

View details: Tech Lead, Implementation
United States
Apply