JobFlurry-Appcast-BR
Location
Rio Branco, AC | Brazil
Job description
Requirements: English at an advanced or fluent level.

Responsibilities:
- Monitor, analyze, and triage cyber security alerts.
- Take ownership of in-scope cyber incident investigations (unless escalated to Tier 2 or to the Company in accordance with defined processes).
- Create, manage, and follow up on service tickets.
- Follow defined processes.
- Correlate data from the various sources made available by the Company.
- Assist WDT in guiding the appropriate remediation steps for cyber events via email, conference calls, phone calls, and instant messaging.
- Design, create, and update documentation as directed by the Company.
- Research and analyze threat intelligence and indicators of compromise (IOCs).
- Identify security technology deficiencies and manage their remediation.
- Analyze malware using the security technologies provided by the Company.
- Review logs, identify false positives, and track incident investigations from start to finish.
- Evaluate the risk of cyber events and the appropriate remediation.
- Update service tickets and cases with investigation evidence.
- Analyze emails for phishing or malicious content.
- Retrieve and analyze host/endpoint and network artifacts.
- Generate reports, graphs, summaries, metrics, dashboards, and other operational documentation.
- Identify root cause through cyber incident investigations.
- Correlate vulnerability and patch data with cyber events.
- Take ownership of in-scope cyber incident investigations (unless escalated to the Company in accordance with mutually defined processes).
- Mentor and support Tier 1 requests.
- Analyze raw data feeds for anomalies.
- Expand the technical depth of evidence, documentation, artifacts, or investigations carried out by Tier 1.
- Identify suspicious traffic.
- Analyze malware to determine motivation, artifacts, risk, and any other components relevant to the cyber incident investigation.
- Collect and analyze full packet captures.
- Review and interpret firewall logs.
- Collect and analyze memory from endpoint systems.
- Design, create, and implement automation scripts provided by the Company.
- Design IOCs and alert correlations.
- Maintain awareness of recent threat intelligence and "zero-day" attacks in the industry.
- Identify virus outbreaks and manage containment and remediation efforts.
- Design and improve protective and detective security technology controls.
- Take control of endpoints identified as infected to perform remediation actions, such as running an antivirus scan, deleting files, or terminating the malicious process.