The Information Security Investigator has a deep technical understanding of the Managed Security Services (MSS) technologies; intrusion analysis, anomalous behavior analysis, and threat intelligence. This role is entrusted with intimately advising clients of threats and breaches, and must have the ability to lead and direct security analysts and fellow investigators. The investigator is required to maintain an intimate understanding of the customer environment and reflect such knowledge in The investigator will remain up-to-date on active security threats and events across all sectors with specific focus on customer sectors, specifically financial, retail, medical, and energy. The investigator will work in an assigned shift, and is required to be present physically and via secure messaging such as IRC and Cisco Jabber; constant interaction with the SOC staff is required.
Conduct in-depth investigations into security breaches at customer sites using all available tools within customer environment, Cisco, and online.
◦ Resolve cases escalated from security analysts (either by escalating a ticket to the customer or by resolving as a false positive).
◦ Resolve cases dispatched from customers (CAT6), maintain daily dialog with customer on case until resolved.
◦ Review device logs, packet capture, and all forms of telemetry; interpret data
◦ Conduct online forensic investigations of devices (routers, switches, UNIX and Windows hosts)
◦ Iby threats
To apply for this job email your details to firstname.lastname@example.org