General Atomics (GA), and its affiliated companies, is one of the world’s leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies.
We have an exciting opportunity for an Incident Response Analyst to join our ITS Cybersecurity Threat Management (CTM) team in Rancho Bernardo, California. With general supervision from the CTM manager, this position is responsible for cybersecurity threat hunting, incident response management, threat and intrusion analysis, digital forensics, cybersecurity consulting and threat assessments.
DUTIES AND RESPONSIBILITIES:
Active threat hunting within the General Atomics network using a formalized process.
Identifies cybersecurity vulnerabilities and participates in the development and implementation of remediation.
Develops signatures and alerts to enhance visibility of complex threats using a variety of tools and techniques.
Performs digital forensics and detailed reporting for cybersecurity and internal investigations.
In-depth analysis and detailed reporting of threats, malware, root cause and endpoint behavior using a variety of tools, including IR case management, EDR, SIEM, PCAP, the MITRE framework and malware sandboxes.
Performs maintenance and upkeep of the CTM forensics lab and various analysis tools.
Collects, maintains and analyzes threat intelligence from both internal and external sources.
Works in partnership with the ITS Cyber Security Operations Center (CSOC) as an escalation resource for incident response and threat analysis.
Consults within ITS and internal business units regarding cybersecurity architecture and threat mitigation.
Performs and manages threat assessments.
Develops process enhancements and efficiencies to improve overall cybersecurity team effectiveness.
Maintains the strict confidentiality of sensitive information.
Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company. Expected to work in a safe manner in accordance with established operating procedures and practices.
Performs other duties as assigned or required.
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
Typically requires a bachelor's degree in a related discipline and five or more years of progressive professional experience in cybersecurity or a related field. Equivalent professional experience may be substituted in lieu of education.
US Citizenship is required.
Must have the ability to obtain and maintain a US Government security clearance.
Must demonstrate a general understanding of cybersecurity incident response and forensic analysis principles, theories, concepts and techniques.
Must have experience organizing, planning, scheduling, conducting, and managing work assignments to meet project milestones or established completion dates.
Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
Must be customer focused and possess: (1) the ability to identify issues, analyze data and develop solutions to a variety of technical problems; (2) good analytical, verbal and written communication skills to accurately document, report, and present findings; (3) good interpersonal skills enabling an effective interface with other professionals and teammates; and (4) good computer skills.
Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
The following certifications are desirable:
GCIA, GCIH, GCFE, GCFA, CEH, CySA+, DoD 8140 qualified