Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, application and system logs, and databases.
Perform triage of incoming alerts: assess priority, determine risk, and respond accordingly.
Create tickets and escalate to higher-level security analysts and developers.
Maintain strong knowledge and awareness of the current threat landscape, with a focus on the crypto and financial sectors.
Conduct proactive threat hunting and research on logs.
Requirements:
5+ years of experience in similar positions and hands-on experience in cybersecurity, whether from the military, the private sector, or elsewhere.
Strong teamwork and collaboration skills, including the ability to work effectively within a globally distributed group.
Knowledge of and experience with SIEM systems.
Strong experience with Mac OS, Windows, Unix/Linux.
Basic understanding of network structures and cloud architectures.
Experience with application security and maintenance alerts and response.
Experience with Amazon AWS.
Strong written and verbal communication skills in English, and the ability to document technical topics in a clear and easy manner.
Able and willing to work in a 24/7/365 environment, including nights and weekends, on a rotating shift schedule.
Experience with tools such as Wireshark, Fireblocks, Nessus, Kibana/Elasticsearch.