Title: Threat Hunter / Cybersecurity Engineer
Location: Remote - Candidates based in CST or EST time zone
Duration: 6 months
Rate: $60/hr
Job description:
Skills required:
- Experience with security devices such as SIEM, IDS/IPS, HIDS/HIPS, anomaly detection, Firewall, Antivirus systems, Endpoint Detection & Response tools and their log output
- Experience in analyzing large data sets
- Experience in using data mining, analytic and visualization tools, such as data lakes (Elastic, HDFS), Linux tools (e.g. grep, cut, sort) and regex
- Experience with industry taxonomies like the Cyber Kill Chain, MITRE ATT&CK, MITRE CAPEC, MITRE CAR, NIST, CIF, SANS and STIX 2.0
- Skills to analyze attack vectors against a particular system to determine attack surface
- Ability to produce contextual attack models applied to a scenario
- Ability to demonstrate intrusion sets using cyber kill-chain and Tactics, Techniques and Procedures
- Ability to coordinate with other security focal points during an active incident
- Knowledge of security controls, how they can be monitored, and how they can be thwarted
- Knowledge of vulnerability detection and response from a threat hunting point of view
- Network forensics: network traffic protocols, traffic analysis (e.g. network flows and PCAP), intrusion detection
Required Professional and Technical Expertise:
- Analytical, logical and problem-solving skills
- Knowledge of cyber security threats, threat actors and their associated TTPs
- Knowledge of the OSI layers
- Knowledge of security tools at the application, data, network and endpoint layers
- Knowledge of malware analysis and malware functionality
- Knowledge of native system and network policies
- Knowledge of query languages and rule formats such as regular expressions, YARA and Snort rules, AQL and KQL
- Basic knowledge of scripting languages such as Bash, Python and PowerShell
- Knowledge of log formats for syslog, HTTP logs and DB logs, and how to gather forensic evidence for traceability back to a security event