View All Jobs at Esr healthcare
Refer a Friend
Why join Esr healthcare
esrhealthcare.com.mysmartjobboard.com
Job Description
Experience level: Mid-senior Experience required: 4 Years Education level: Bachelor’s degree Job function: Information Technology Industry: Financial Services Pay rate : $65 per hour Total position: 1 Relocation assistance: No
Candidates hired for this role will be required to start full onsite following hybrid work option, 2 to 3 days in office. Please submit Local candidates from Tampa only.
Due to a recent increase in misrepresentation during the interview process, has implemented a new policy that requires a candidate’s headshot on the front page of the resume to be considered.
This role is Contract to Hire.
Position Summary
The Threat Management Associate will perform detection and analysis activities through the monitoring of security appliances, such as, SIEM, IDS/IPS, EDR, and other Threat Detection platforms. The Threat Management Associate will conduct in-depth analysis of cyber alerts to confirm a compromise has occurred and lead/assist in necessary response steps based on the Incident Response Plan and perform additional tasks for the Cyber Blue Team.
Specific Responsibilities
Provide technical leadership for a team of analysts who continuously perform monitoring and triage of alerting to determine what is actionable while prioritizing incidents based on risk.
Lead the continuous monitoring, identification, intake, triage, response, containment, remediation, and resolution of cyber incidents by identifying root cause while prioritizing incidents based on risk.
Analyze data from various sources to identify possible risk indicators, determine possible root cause and identify preventative actions.
Proactively conduct resear
Leadership Competencies for this level include
Accountability: Demonstrates reliability by taking necessary actions to continuously meet required deadlines and goals.
Global Collaboration: Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.
Communication: Articulates information clearly and presents information effectively and confidently when working with others.
Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, trusting relationships while at the same time is comfortable challenging ideas.
Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity.
Qualifications
Strong understanding of incident response processes, workflows, communications and reporting, escalations, and cross-department collaboration.
Previous hands-on experience with modern security tools such as SIEM/SOAR, EDR/XDR, NGFW, EUBA, and DLP.
Experience with Windows file system and registry functions or Linux/Unix operating systems and command line tools.
Working knowledge of various security methodologies and processes, and technical security solutions (i.e. firewalls, proxies, and intrusion detection systems),
Working knowledge with analyzing cyber-incidents and determine root cause,
Extensive knowledge of network and server security products, technologies, and protocols,
Knowledge of common security vulnerabilities including OWASP Top 10.
Strong dynamic and static malware analysis skills.
Skill and work experience in scripting are a great plus (Shell scripting, Python, Powershell).
Excellent written and verbal communication skills,
Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.
Strong technical writing, documentation, and communication skills necessary to create and present findings to C-level management,
3+ years of experience working within a SOC and/or handling incidents,
Security certification(s) and/or official training, such as CompTia Sec+, CompTia CySa+, GCIH, CSIH, ECSA, CHFI, ECIH, CEH, AWS SA, similar, or degree are a plus.
Skills