ECIH

EC-Council Certified Incident Handler


Please find 10 job postings that require a specific certification you do not have. Copy the job title, duties,
and education/certification requirements, save them in a Word document, and email it to me.

Find 3 different programs that offer a certification you need (list the school, the program, and the
program of study), save it in a Word document, and email it to me.
1 Security Operations Center (SOC) Analyst

InfiCare Staffing Morrisville, NC On-site 5 months ago 131 applicants

Full-time · Entry level

201-500 employees · Staffing and Recruiting

About the job


InfiCare has been providing contingent staffing and direct-hire staffing services to its clients across the
US and on four continents since 2001. Starting from a modest beginning in 2001, today we service clients
ranging from Fortune 500 companies to medium-sized businesses as well as small niche firms. In the US we
are based in Dulles, VA.
We are hiring a "Security Operations Center (SOC) Analyst" for one of our clients.
Job Title: Security Operations Center (SOC) Analyst
Location: Morrisville NC 27560
Duration: Long Term Contract
Job Description
The Cybersecurity Operations Portfolio is in need of a Security Operations Center (SOC) Analyst
supporting its Threat Intelligence (TIU) program. This resource will be working with the OPS: Threat
Intelligence (TIU) team to:
Implement a dynamic, advanced Risk-Based Alerting (RBA) security framework within Splunk
Create and test detections written in advanced Splunk Programming Language (SPL)
Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not
limited to, Microsoft Windows, UNIX, Linux, as well as embedded systems and mainframes.
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs,
firewall logs, and intrusion detection system logs) to identify possible threats to network security.
Leverage tools including Splunk, Tanium, FireEye suite as part of duties performing cyber incident
response analysis.
Act as an observer to Red Team penetration testing exercises and collaborate with the Cybersecurity
Operations Center (CSOC).
Correlate event or incident data to identify specific vulnerabilities and make recommendations that
enable expeditious remediation.
Work with a diverse team of analysts in conducting incident triage, incident handling, and remediation.
Qualification Requirements
5+ years' experience with Splunk, the MITRE ATT&CK Framework, and Endpoint Security Services
Experience with host-level scripting, e.g., PowerShell.
Experience in working with one or more Cloud Platforms
Familiarity with cybersecurity operation center functions
Linux Administration and monitoring
Windows Administration and monitoring
Experience with Security framework and can interpret use cases into actionable monitoring solutions.
Strong Working Knowledge Of
Security Information and Event Management (SIEM) systems.
Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
Network and Host malware detection and prevention.
Network and Host forensic applications.
Web/Email gateway security technologies.
Sysmon.
Log aggregation tools.
Demonstrated ability to establish priorities, manage shifting priorities, and handle numerous time-
sensitive projects with multiple deadlines
Ability to accomplish goals working through formal and informal channels, with diplomacy and
tactfulness
Demonstrated solid planning and organizational skills
Demonstrated experience working independently and as part of a team
Weekday shift (M-F, 7AM-4PM or 8AM-5PM)
Experience Level
5-7 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency
Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations
Center (SOC).
Education
Bachelor's Degree in Computer Science, Information Technology or Information Security
CERTIFICATIONS: (One or more required)
CompTIA Security +
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)
CISA - Certified Information Systems Auditor
Should you be interested, please send me a copy of your resume in Word/PDF format along with the
following details ASAP.
Full Name
Current Location:
Work Authorization
Salary / Rate expectation:
2 Cyber Network Defense Analyst (Jr, Mid, Sr.) with Security Clearance

ClearanceJobs Beltsville, MD Hybrid 2 months ago 2 applicants

Full-time · Mid-Senior level

11-50 employees · Defense and Space Manufacturing

About the job

OneZero is looking for solutions-oriented professionals to join our diverse team of Cyber Security
Specialists supporting a large Government client in the Rosslyn VA and Beltsville MD areas. We are an
employee-centric company that truly appreciates our team members and their value to our customers
and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering
teams that are and continue to be technically proficient and technically capable across a comprehensive
range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits
package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO &
paid holidays, employee referral program, and educational assistance. Additional details can be found
on our website at: https://www.onezerollc.com/careers/
Position Title: Cyber Network Defense Analyst
Location: Beltsville, MD
Clearance: TS/SCI or Secret (multiple positions available)
Primary Responsibilities
Perform network monitoring on a 24x7x365 basis of all designated enclaves, networks, and
systems using provided SIEM tools
Collect and analyze event information and perform threat or target analysis tasks
Detect, classify, process, track, and report on cyber security events and incidents
Escalate events to malware analysts for further investigation
Execute and manage responses and address suspected or detected incidents
Report incident information to external entities and liaise and coordinate activities with those
organizations
Coordinate and distribute directives, vulnerability, and threat advisories to identified consumers.
Provide daily summary reports of network events and activities and deliver metric reports.
Coordinate distribution of incidents and service requests
Conduct effective shift transition actions and procedures
Contribute input to the Cyber Security Brief (CSB) daily
Identify and recommend new techniques for inclusion in monitoring strategy
Perform critical thinking and analysis to investigate cyber security alerts
Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)
Research and stay up to date with current and emerging threats, IOC, and nefarious actor TTP
Qualifications: Candidates must possess an active TS/SCI or Secret Clearance.
Bachelor's degree in engineering, computer science, or related technical field. 4 years of work
experience may be substituted for a Bachelor's Degree; Associate's Degree plus 2 years of work
experience may be substituted for a Bachelor's Degree.
Years of experience. Demonstrated years of experience will be used to determine the position level (e.g.
Jr., Mid., or Sr.) for the selected candidate
Demonstrated experience in the analysis of network traffic, host logs, and correlating diverse security
logs to perform recommendations for response
Demonstrated experience in the use of SIEM tools such as McAfee Nitro, Elastic, Splunk
Expertise in network and host-based analysis and investigation
Knowledge of the current and emerging threat landscape, including common TTPs of threat actors
Understanding of various Threat Intel Frameworks (e.g. CKC, MITRE ATT&CK, Diamond model, etc)
Familiarity with Windows and Linux operating systems
Experience working with a customer service-oriented environment
Experience providing service desk/call center support
Knowledge of Microsoft Office suite
Exceptional communication and customer service skills
Must be detail-oriented and possess good decision-making ability
Certifications: One or more of the following certifications are preferred: CEH, CFR, CCNA Cyber Ops,
ECIH, CCNA-Security, CASP, CySA+, GCIA, GCIH, GICSP, SCYBER, PenTest+
3 Cyber Security Analyst

AMSYS Innovative Solutions, LLC Houston, TX On-site 3 weeks ago 2 applicants

Full-time · Entry level

51-200 employees · IT Services and IT Consulting

About the job

The Cybersecurity Analyst will join a diverse team of security professionals who prevent, detect, and
respond to cyber threats.

The Cybersecurity Analyst Under General Supervision Will

Analyze and investigate cybersecurity tickets and alerts, perform threat analysis, monitor client
environments for signs of intrusion, assist in the deployment of cybersecurity solutions, as well as assist
in security projects such as penetration testing, code evaluation, and security assessments.

Minimum Qualifications

Bachelor's degree in a technology discipline such as cybersecurity, computer science, or computer
engineering or four years of work experience in a technical domain such as IT support, networking, or
cybersecurity.

Ability to pass a standard background check.

Preferred Qualifications

Graduate or postgraduate degree or certificate in a technology discipline.

Active US Government Secret, Top Secret, or Position of Public Trust clearance, or ability to attain such
clearance.

One or more cybersecurity certifications such as CompTIA Security+, EC-Council CEH, or ECIH.

Proficiency with programming languages such as Python, Rust, or C++.

Knowledge of networking, firewalls, virtualization, IDS/IPS, SIEM, EDR, SOAR, and vulnerability
management tools.

Knowledge of security compliance/governance frameworks such as NIST, ISO, COBIT, CMMC, and SOC.
4 CSOC Analyst -Tier 3

InfiCare Staffing Morrisville, NC On-site 5 months ago 18 applicants

Full-time · Entry level

201-500 employees · Staffing and Recruiting

About the job


InfiCare has been providing contingent staffing and direct-hire staffing services to its clients across the
US and on four continents since 2001. Starting from a modest beginning in 2001, today we service clients
ranging from Fortune 500 companies to medium-sized businesses as well as small niche firms. In the US we
are based in Dulles, VA.
We are hiring a "CSOC Tier 3 Analyst" for one of our clients.
Job Title: CSOC-Tier 3 Analyst
Location: Morrisville NC 27560
Duration: Long Term contract
Job Description
Identification of Cybersecurity problems which may require mitigating controls
Analyze network traffic to identify exploit or intrusion related attempts
Recommend detection mechanisms for exploit and or intrusion related attempts
Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion
methodologies
Analyze attachments and URLs for malicious code
Conduct forensic analysis on systems which may have been compromised
Work with law enforcement if needed for handoff of forensic evidence
Execute operational processes in support of response efforts to identified security incidents
Qualification Requirements
3+ years' IT security experience
2+ years' experience in network traffic analysis
Strong Working Knowledge Of
Boolean Logic
TCP/IP Fundamentals
Network Level Exploits
Threat Management
Regular Expressions
Knowledge of Control Frameworks and Risk Management techniques
Excellent oral and written communication skills
Excellent interpersonal and organizational skills
Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
Strong understanding of common IDS/IPS architectures and implementations
Strong understanding of IDS/IPS signatures, content creation and signature characteristics including
both signature and anomaly-based analysis and detection
Experience Level
3-5 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency
Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations
Center (SOC).
Education
Bachelor's Degree in Computer Science, Information Technology or Information Security preferred, or a
technically related field, OR equivalent related work experience
CERTIFICATIONS: (One or more desired)
CompTIA Security +
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)
CISA - Certified Information Systems Auditor
Should you be interested, please send me a copy of your resume in Word/PDF format along with the
following details ASAP.
Full Name
Current Location:
Work Authorization
Salary / Rate expectation:
5 Principal Incident Response Analyst

Blackbaud New York, United States Remote 2 weeks ago 24 applicants

$101,900/yr - $132,800/yr (from job description) · Full-time · Mid-Senior level

1,001-5,000 employees · Software Development

About the job

We are looking for an accomplished, high-performing Principal Incident Response Analyst for our
Threat Detection & Response team with experience performing digital forensics, incident response,
and threat hunting. The Principal Incident Response Analyst is responsible for ensuring the
confidentiality, integrity, and availability of critical information and IT assets. This role requires a deep
understanding of cybersecurity principles, incident response methodologies, digital forensics, and the
ability to work efficiently under pressure.

What You'll Be Doing

Conduct in-depth analysis of security events and indicators to determine the nature and severity of
incidents.

Respond promptly to security incidents, following established incident response procedures.

Coordinate and collaborate with cross-functional teams to contain and mitigate cyber threats effectively.

Perform forensic investigations to determine the root cause of incidents and develop appropriate
remediation strategies.

Lead regular threat hunt activities to identify and investigate gaps in detection.

Utilize threat intelligence and industry best practices to enhance incident detection capabilities.

What We'll Want You To Have

5+ years of cyber incident response experience in a large and complex environment. Relevant industry
certifications are highly desirable (CISSP, GCIH, GCFA, GREM, ECIH).

Subject matter expertise with security tools and technologies, such as SIEM, IDS/IPS, EDR, and network
monitoring solutions.

Strong knowledge of incident response methodologies, including containment, eradication, recovery, and
common security frameworks (NIST, SANS, CSA).

Ability to acquire and analyze endpoint and network artifacts, volatile memory, malicious files/binaries
and scripts.

Experience with forensic tools, such as EnCase, FTK, Axiom, and Cellebrite, to carry out digital forensic
investigations.

Collaborate with other forensic analysts, law enforcement officers, and legal experts to identify methods
and procedures for recovery, preservation, and presentation of computer evidence, ensuring proper
precautions are taken in the preservation and prevention of spoliation of electronic evidence.

Stay up to date on everything Blackbaud, follow us on Linkedin, Twitter, Instagram, Facebook and
YouTube

Blackbaud is a remote-first company which embraces a flexible remote work culture. Blackbaud
supports hiring and career development for all roles from the location you are in today!

Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse
and inclusive work environment. All qualified applicants will receive consideration for employment
without regard to race, color, religion, gender, gender identity or expression, sexual orientation,
national origin, physical or mental disability, age, or veteran status or any other basis protected by
federal, state, or local law.

To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for
any fees related to unsolicited resumes.

A notice to candidates: Recruitment Fraudulent Alert: Your personal information and online safety as
a candidate mean a lot to us! At Blackbaud and our portfolio of companies, recruiters only direct
candidates to apply through our official careers page at https://careers.blackbaud.com/us/en or our
official LinkedIn page. Recruiters will never request payments, ask for financial account information or
sensitive information like social security numbers, or conduct interviews via Skype. Anyone suggesting
otherwise is not a representative of Blackbaud. If you are unsure if a message is from Blackbaud,
please email [email protected].

The starting base pay is $101,900.00 to $132,800.00. Blackbaud may pay more or less based on
employee qualifications, market value, Company finances, and other operational considerations.

R0010786
6 Cyber Network Defense Analyst (Jr, Mid, Sr.) with Security Clearance

OneZero Solutions Beltsville, MD Remote 3 weeks ago 1 applicant

Full-time · Mid-Senior level

51-200 employees · IT Services and IT Consulting

About the job

OneZero is looking for solutions-oriented professionals to join our diverse team of Cyber Security
Specialists supporting a large Government client in the Rosslyn VA and Beltsville MD areas. We are an
employee-centric company that truly appreciates our team members and their value to our customers
and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering
teams that are and continue to be technically proficient and technically capable across a
comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely
competitive benefits package that includes health/dental/vision/life insurance plans, 401K with
company matching, PTO & paid holidays, employee referral program, and educational assistance.
Additional details can be found on our website at: https://www.onezerollc.com/careers/
Position Title: Cyber Network Defense Analyst
Location: Beltsville, MD
Clearance: TS/SCI or Secret (multiple positions available)
Primary Responsibilities
Perform network monitoring on a 24x7x365 basis of all designated enclaves, networks, and systems using
provided SIEM tools

Collect and analyze event information and perform threat or target analysis tasks

Detect, classify, process, track, and report on cyber security events and incidents

Escalate events to malware analysts for further investigation

Execute and manage responses and address suspected or detected incidents

Report incident information to external entities and liaise and coordinate activities with those
organizations

Coordinate and distribute directives, vulnerability, and threat advisories to identified consumers.

Provide daily summary reports of network events and activities and deliver metric reports.

Coordinate distribution of incidents and service requests

Conduct effective shift transition actions and procedures

Contribute input to the Cyber Security Brief (CSB) daily


Identify and recommend new techniques for inclusion in monitoring strategy

Perform critical thinking and analysis to investigate cyber security alerts

Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)

Research and stay up to date with current and emerging threats, IOC, and nefarious actor TTP

Qualifications: Candidates must possess an active TS/SCI or Secret Clearance.

Bachelor's degree in engineering, computer science, or related technical field. 4 years of work
experience may be substituted for a Bachelor's Degree; Associate's Degree plus 2 years of work
experience may be substituted for a Bachelor's Degree.

Years of experience. Demonstrated years of experience will be used to determine the position level
(e.g. Jr., Mid., or Sr.) for the selected candidate

Demonstrated experience in the analysis of network traffic, host logs, and correlating diverse security
logs to perform recommendations for response

Demonstrated experience in the use of SIEM tools such as McAfee Nitro, Elastic, Splunk

Expertise in network and host-based analysis and investigation

Knowledge of the current and emerging threat landscape, including common TTPs of threat actors

Understanding of various Threat Intel Frameworks (e.g. CKC, MITRE ATT&CK, Diamond model, etc)

Familiarity with Windows and Linux operating systems

Experience working with a customer service-oriented environment

Experience providing service desk/call center support

Knowledge of Microsoft Office suite

Exceptional communication and customer service skills

Must be detail-oriented and possess good decision-making ability

Certifications: One or more of the following certifications are preferred: CEH, CFR, CCNA Cyber Ops,
ECIH, CCNA-Security, CASP, CySA+, GCIA, GCIH, GICSP, SCYBER, PenTest+
7 Information Assurance Security Specialist -Sr.

OneZero Solutions Alexandria, VA Remote 3 months ago 19 applicants

Full-time · Entry level

51-200 employees · IT Services and IT Consulting

About the job

Position Title: Information Assurance Security Specialist Sr.

Location: Ashburn, VA

Clearance: TS/SCI

Shift schedule: 7pm-7am, Thur-Sat, every other Wednesday.

Utilize state-of-the-art technologies such as host forensics tools (FTK/EnCase), Endpoint Detection &
Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform
hunt and investigative activity to examine endpoint and network-based data.

Conduct malware analysis, host and network forensics, log analysis, and triage in support of incident
response.

Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can
be used to improve monitoring, analysis and incident response.

Develop and build security content, scripts, tools, or methods to enhance the incident investigation
processes.

Lead Incident Response activities and mentor junior SOC staff.

Work with key stakeholders to implement remediation plans in response to incidents.

Effectively investigate and identify root-cause findings, then communicate findings to stakeholders
including technical staff and leadership.

Flexible and adaptable self-starter with strong relationship-building skills

Strong problem solving abilities with an analytic and qualitative eye for reasoning

Ability to independently prioritize and complete multiple tasks with little to no supervision

Must be a US citizen, no clearance required, prefer Secret Clearance with the ability to obtain TS/SCI.
Bachelor's degree in Science or Engineering Field, IT, or Cybersecurity or related field

3+ years of experience in the areas of incident detection and response, remediation, malware
analysis, or computer forensics.

Must Have At Least One Of The Following Certifications

SANS GIAC: GCIA, GCFA, GPEN, GCFE, GREM, or GCIH
ISC2: CCFP, CCSP, CISSP
CERT: CSIH
EC-Council: CHFI
Offensive Security: OSCP, OSCE, OSWP and OSEE
EnCase: EnCE
DOD 8570: IAT L3, CNDSP Analyst or IR
Carnegie Mellon: CSIH

Ability to script in one or more of the following computer languages: Python, Bash, Visual Basic or
PowerShell

Tier 2 Response

GCIH - Incident Handler

GCFA - Forensic Analyst

GCFE - Forensic Examiner

GREM - Reverse Engineering Malware

GISF - Security Fundamentals

GXPN - Exploit Researcher and Advanced Penetration Tester

GWEB - Web Application Defender

GNFA - Network Forensic Analyst

OSCP (Certified Professional)

OSCE (Certified Expert)

OSWP (Wireless Professional)

OSEE (Exploitation Expert)

CCFP - Certified Cyber Forensics Professional

CISSP - Certified Information Systems Security Professional

CCNA Security

CCNP Security

CEH - Certified Ethical Hacker

CHFI - Computer Hacking Forensic Investigator

LPT - Licensed Penetration Tester

ECSA - EC-Council Certified Security Analyst


ENSA - EC-Council Network Security Administrator

ECIH - EC-Council Certified Incident Handler

ECSS - EC-Council Certified Security Specialist

ECES - EC-Council Certified Encryption Specialist

EnCE

Windows Forensic Examinations - FTK WFE-FTK

Computer Incident Responders Course - CIRC

Windows Forensic Examination - EnCase - Counter Intelligence (CI) - WFE-E-CI

Forensics and Intrusions in a Windows Environment -FIWE

OneZero Solutions is an Equal Opportunity/Affirmative Action employer. All qualified applicants will
receive consideration for employment without regard to race, color, religion, sex, sexual orientation,
gender identity, national origin, disability, or veteran status, or any other protected class.
8 Threat application engineer Tampa FL ref

Executive Staff Recruiters / ESR Healthcare Tampa, FL On-site 2 months ago

$65/hr (from job description) · Full-time · Entry level

1-10 employees · Hospitals and Health Care

About the job

Company Profile
esrhealthcare.com.mysmartjobboard.com
Experience level: Mid-senior
Experience required: 4 Years
Education level: Bachelor's degree
Job function: Information Technology
Industry: Financial Services
Pay rate: $65 per hour
Total position: 1
Relocation assistance: No
Candidates hired for this role will be required to start full onsite following hybrid work option, 2 to 3
days in office. Please submit Local candidates from Tampa only.
Due to a recent increase in misrepresentation during the interview process, has implemented a new
policy that requires a candidate’s headshot on the front page of the resume to be considered.
This role is Contract to Hire.
Position Summary
The Threat Management Associate will perform detection and analysis activities through the
monitoring of security appliances, such as, SIEM, IDS/IPS, EDR, and other Threat Detection platforms.
The Threat Management Associate will conduct in-depth analysis of cyber alerts to confirm a
compromise has occurred and lead/assist in necessary response steps based on the Incident Response
Plan and perform additional tasks for the Cyber Blue Team.
Specific Responsibilities
Provide technical leadership for a team of analysts who continuously perform monitoring and triage
of alerting to determine what is actionable while prioritizing incidents based on risk.
Lead the continuous monitoring, identification, intake, triage, response, containment, remediation,
and resolution of cyber incidents by identifying root cause while prioritizing incidents based on risk.
Analyze data from various sources to identify possible risk indicators, determine possible root cause
and identify preventative actions.
Proactively conduct research
Leadership Competencies for this level include
Accountability: Demonstrates reliability by taking necessary actions to continuously meet required
deadlines and goals.
Global Collaboration: Applies global perspective when working within a team by being aware of own
style and ensuring all relevant parties are involved in key team tasks and decisions.
Communication: Articulates information clearly and presents information effectively and confidently
when working with others.
Influencing: Convinces others by making a strong case, bringing others along to their viewpoint;
maintains strong, trusting relationships while at the same time is comfortable challenging ideas.
Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and
confidently pursues challenges as new avenues of opportunity.
Qualifications
Strong understanding of incident response processes, workflows, communications and reporting,
escalations, and cross-department collaboration.
Previous hands-on experience with modern security tools such as SIEM/SOAR, EDR/XDR, NGFW,
EUBA, and DLP.
Experience with Windows file system and registry functions or Linux/Unix operating systems and
command line tools.
Working knowledge of various security methodologies and processes, and technical security solutions
(i.e., firewalls, proxies, and intrusion detection systems).
Working knowledge of analyzing cyber incidents and determining root cause.
Extensive knowledge of network and server security products, technologies, and protocols.
Knowledge of common security vulnerabilities including OWASP Top 10.
Strong dynamic and static malware analysis skills.
Skill and work experience in scripting are a great plus (Shell scripting, Python, Powershell).
Excellent written and verbal communication skills.
Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the
ability to deliver high performance and high levels of customer satisfaction in a matrix managed
environment.
Strong technical writing, documentation, and communication skills necessary to create and present
findings to C-level management.
3+ years of experience working within a SOC and/or handling incidents.
Security certification(s) and/or official training, such as CompTIA Sec+, CompTIA CySA+, GCIH, CSIH,
ECSA, CHFI, ECIH, CEH, AWS SA, similar, or a degree are a plus.
9 Cyber Security Vulnerability Researcher

Technica Corporation Patuxent River, MD On-site 3 months ago 1 applicant

Full-time · Mid-Senior level

201-500 employees · IT Services and IT Consulting

About the job

About Technica

At Technica Corporation, our goal is to provide exceptional professional services and innovative
technology solutions that meet or exceed our customer’s expectations. We specialize in a wide range
of advanced information technology solutions from Systems Engineering to Information Assurance,
and from Software Development to Product Solutions. From our locations across the United States,
we provide technological subject matter expertise, program management and business process
knowledge as a trusted advisor in support of our Department of Defense and other Federal Agency
customers.

Technica Corporation has an exciting and immediate opportunity for a proven Cyber Security
Vulnerability Researcher to support a major Navy Cyber Warfare initiative at Patuxent River, MD. This
position will support NAVAIR’s digital transformation which requires leveraging advanced digital tools
to implement fundamentally different business models across all business, technology development,
workforce, and mission operation domains. NAVAIR is committed to a digital culture that empowers
the workforce to accelerate, innovate, collaborate, develop, and deliver capabilities to meet mission
outcomes. In addition, this position also acts as the functional team lead for teams performing the
above functions. This includes coordinating and overseeing the tasking of other team members,
tracking project progress, and participating in planning of projects, resourcing, and events.

• Establish and maintain an integrated partnership with HQ management, engineering, and
support organizations.

• Ensure timely completion of all contractual deliveries to the customer.

• Conduct research into fundamental computer and information science as theorists, designers,
or inventors.

• May conduct research into cyber threats, tools, techniques, and methods.

• Develops solutions to problems in the field of computer hardware and software with a focus
on system security and vulnerability.

• Other duties as assigned.

• Clearance: Top Secret / SCI Eligible

• Bachelor's Degree and 12-15 years' experience, or Master's degree and 10-13 years' experience,
or PhD and 10+ years' experience in Information Technology, Computer Science, or a
Technical Degree area of study or related discipline.

• Candidates must have experience directly related to the specific duties of the position.
Specialized experience areas include, but are not limited to, 5 years of experience performing
work related to the functional description:

• Conduct research into fundamental computer and information science as theorists, designers,
or inventors.

• Conduct research into cyber threats, adversarial offensive and defensive tools, techniques,
and methods, and mitigation solutions.

• Develops solutions to problems in the field of computer hardware and software with a focus
on system security and vulnerability.

• In addition to the duties above, this position also acts as the functional team lead for teams
performing the above functions. This includes coordinating and overseeing the tasking of
other team members, tracking project progress, and participating in planning of projects,
resourcing, and events.

• Specialized Experience: minimum of five (5) additional years of experience related to
performing the above functions in a DoD/Other Government Agency platform/weapons
systems or DoD/Other Government Agency IT infrastructure environment.

• NAVAIR Experience

• Experience with execution and resource allocation in a dynamic environment

Has one of the following active certs:

• Certified Ethical Hacker (CEH)

• Certified in Risk and Information Systems Control (CRISC)

• Certified Information Security Manager (CISM)

• Certified Information Systems Security Professional (CISSP)

• Computer Hacking Forensic Investigator (CHFI)

• Certified Computer Security Incident Handler (CSIH)

• GIAC Certified Incident Handler (GCIH)

• EC-Council Certified Incident Handler (ECIH)

• GIAC Certified Forensic Analyst (GCFA)


• CompTIA Advanced Security Practitioner (CASP+)

• GIAC Security Leadership Certification (GSLC)

EQUAL EMPLOYMENT OPPORTUNITY

It is Technica's policy to affirmatively support Equal Employment Opportunity (EEO) for all qualified
individuals without regard to color, gender, religion, creed, national origin, age, race, disability,
gender identity, genetic information, sexual orientation, marital status, veteran status or any other
characteristic protected by law. This policy covers all aspects of the employment relationship
including recruiting, hiring, compensation, assignment, promotion, transfer, training, working
conditions, employment longevity, retirement, employee benefits and termination.

Technica's EEO philosophy promotes equal employment opportunity throughout the organization.
Any form of unlawful employee harassment based on the above mentioned characteristics is
prohibited. Equal Opportunity Employer Minorities/Women/Vets/Disabled/Gender Identity/Sexual
Orientation.
10 CSOC-Tier2 Analyst - Weekend Shift

A.C.Coy Company Morrisville, NC On-site 2 months ago 1 applicant

• Contract · Entry level

• 51-200 employees · Information Technology & Services

CSOC-Tier2 Analyst - Weekend Shift at A.C.Coy Company

About the job

• Tier One Technologies has an immediate need for a CSOC-Tier2 Analyst - Weekend Shift.

• SELECTED CANDIDATES WITHOUT REQUIRED CLEARANCE WILL BE SUBJECT TO A FEDERAL
GOVERNMENT BACKGROUND INVESTIGATION TO RECEIVE IT.

• Working Days: Friday, Saturday, and Sunday.

• Friday: 7:00 am - 9:00 pm (13 hours)

• Saturday: 7:00 am - 9:30 pm (13.5 hours)

• Sunday: 7:00 am - 9:30 pm (13.5 hours)

• Candidates must be local to the Raleigh NC area to work in a hybrid environment.

• Identification of Cybersecurity problems which may require mitigating controls.

• Analyze network traffic to identify exploit or intrusion related attempts.

• Recommend detection mechanisms for exploit and/or intrusion related attempts.

• Provide subject matter expertise on network-based attacks, network traffic analysis, and
intrusion methodologies.

• Escalate items which require further investigation to other members of the Threat
Management team.

• Execute operational processes in support of response efforts to identified security incidents.

• Participates in a team of Security Operations engineers investigating alerts, anomalies, errors,
intrusions, malware, etc. to identify the responsible party, determine remediation, and recommend
security improvements.

• Follows precise analytical paths to determine the nature and extent of problems being
reported by tools, e-mails, etc.

• Follows strict guidance on reporting requirements.

• Keeps management informed with precise, unvarnished information about security posture
and events.

• Promotes standards-based workflow both internally and in coordinating with US-CERT.

• Engages with other internal and external parties to get and share information to improve
processes and security posture.

• Guide team efforts.

• Communicate with CISO leadership.

• Lead analyzing/investigating reports or anomalies.

• Bachelor's Degree in Computer Science, Information Technology or Information Security
preferred, or a technically related field, OR equivalent related work experience.

• 3-5 years of related experience on a Computer Incident Response Team (CIRT), Computer
Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a
Security Operations Center (SOC).

• 3+ years IT security experience.

• 2+ years' experience in network traffic analysis.

• Strong working knowledge of TCP/IP fundamentals and network-level exploits.

• Strong understanding of IDS/IPS technologies, trends, vendors, processes, and methodologies.

• Strong understanding of common IDS/IPS architectures and implementations.

• Strong understanding of IDS/IPS signatures, content creation and signature characteristics,
including both signature- and anomaly-based analysis and detection.

• Splunk experience, developing queries, is a plus.

• Cloud monitoring experience is a plus.

• Excellent oral and written communication skills.

• Excellent interpersonal and organizational skills.

• All candidates must be US Citizens or have permanent residence status (Green Card).

• Candidate must have lived in the United States for the past 5 years.

• Cannot have more than 6 months travel outside the United States within the last five years.

• Military Service excluded. (Exception does not include military family members.)

Certifications (one OR MORE):

• CompTIA Security+

• CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker

• GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)

• CISA - Certified Information Systems Auditor


-Find 3 different programs that offer certifications that you need (Please list the school,
what program and program of study) - save it in Word and email it to me.

1 EC-Council Certified Incident Handler | ECIH Certification (eccouncil.org)

ECCU – Masters of Cyber Security

ECCU – Graduate Certificate Program

2 Cyber and Network Security Program | Degrees (cambridgehealth.edu)

Associate of Science in Cyber and Network Security

3 ECIH Cert Prep: Certified Incident Handler v2 (212-89) – Jenkins MBA Careers | Poole College of
Management | NC State University (ncsu.edu)

Poole College of Management Certification Prep course hosting
