Austin, TX, USA
2 months ago
- Assist the CSIRT by performing analysis and providing recommendations on the remediation and containment processes.
- Implement new threat detections and strengthen the current tool set.
- Write reports and findings on cyber threats and investigations.
- Perform proactive threat hunting and collect IOCs for threat intelligence.
- Track advanced persistent threats (APTs) and threat actors, and coordinate with threat intelligence teams to produce reports.
- Build custom signatures and queries for the detection and analysis of attacks.
- Write scripts to find host-based IOCs.
- Find the initial source of an incident.
- Analyze host and network traffic, IDS/IPS alerts, logs, and pcaps.
- Support the incident response team with malware, system, and triage analysis.
- Conduct root cause analysis on incidents.
- Perform network pcap analysis and host-based investigations.