• Hands-on experience hunting for and responding to incidents associated with eCrime and/or Nation-state adversaries in Government environments.• Protect customer's networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite.• Analyze adversary activity and communicated those findings to customers in a fast-paced cadence to help stop breaches.• Undertake research to improve detection capabilities• Conduct active and… Show more • Hands-on experience hunting for and responding to incidents associated with eCrime and/or Nation-state adversaries in Government environments.• Protect customer's networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite.• Analyze adversary activity and communicated those findings to customers in a fast-paced cadence to help stop breaches.• Undertake research to improve detection capabilities• Conduct active and passive threat hunting to include profiling eCrime adversaries• Responsible for hunting specific adversaries in sensitive environments• Track ransomware campaigns• Produce periodic threat hunt reports• Collaborate with various internal teams to achieve common goals• Understanding of administrative tools and how adversaries may leverage them to live-off-the-land• Familiarity with adversary techniques and attack lifecycles. (e.g: adversary progression through techniques found in the MITRE ATT&CK® matrix) Show less

• Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, AntiVirus, SIEM, etc...), across multiple platforms• Assessing the security impact of security alerts and traffic anomalies on networks• Creating comprehensive security write-ups which articulate security issues, analysis and remediation techniques• Escalating and explaining security incidents• Maintaining a strong awareness and understanding of the current threat… Show more • Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, AntiVirus, SIEM, etc...), across multiple platforms• Assessing the security impact of security alerts and traffic anomalies on networks• Creating comprehensive security write-ups which articulate security issues, analysis and remediation techniques• Escalating and explaining security incidents• Maintaining a strong awareness and understanding of the current threat landscape• Conducting research on emerging security threats• Monitor information security alerts though the use of SIEM to respond, triage, and escalate as needed• Review and respond to security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives• Perform day-to-day security log review and analysis in adherence with SOX & PCI requirements, as well as industry security best practices.• Technical analysis of network activity, monitors and evaluates network flow• Responsible for reporting, escalating, and remediating anomalous events based on the established protocol• Participate in root cause analysis of critical events for improving preventative and reactive processes• Works with senior leadership to tune and maintain the SIEM (Security Information and Event Management) as needed; develop SIEM use cases to enhance monitoring capabilities• Responsible for gathering and responding to all assessment / audit requests for information Show less

•Receive abuse logs regarding malware infected devices, analyze logs for possible false positives and prepare reports to develop security risk analysis scenarios and response procedures•Responsible for tracking and monitoring of malware infected devices•Quarantine devices when threats are realized•Enforce security policies and procedures by administering and monitoring security profiles, review security violation reports while maintaining and documenting security control… Show more •Receive abuse logs regarding malware infected devices, analyze logs for possible false positives and prepare reports to develop security risk analysis scenarios and response procedures•Responsible for tracking and monitoring of malware infected devices•Quarantine devices when threats are realized•Enforce security policies and procedures by administering and monitoring security profiles, review security violation reports while maintaining and documenting security control policy•Provides direct support to the business and IT staff for security related issues•Consult IT and Enterprise professionals on security policies and security issues regarding user built/ managed systems. Show less

•Analyze both raw and processed security event data to identify potential security incidents, threats and vulnerabilities•Works in a 24x7x365 MSSP SOC environment monitoring the device health of network security devices such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, and other Unix/Linux based platforms through various SIEMs•Troubleshoot events generated by the health monitoring system (tickets consist of alerts for unreachable devices, devices not… Show more •Analyze both raw and processed security event data to identify potential security incidents, threats and vulnerabilities•Works in a 24x7x365 MSSP SOC environment monitoring the device health of network security devices such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, and other Unix/Linux based platforms through various SIEMs•Troubleshoot events generated by the health monitoring system (tickets consist of alerts for unreachable devices, devices not reporting events, and miscellaneous hardware and software failures)•Meet service level agreements (SLA) regarding response time and client notification•Remotely manage client devices and correct problems•Provides first level troubleshooting support for devices managed and monitored by the SOC Show less

•Receive, inspect, inventory, load/unload, store, issue and deliver supplies and equipment•Maintain automated supply system for accounting of organizational and installation supplies and equipment•Issue and receive small arms. Secure and control weapons and ammunition in security areas•Schedule and perform preventive and organizational maintenance on weapons•Operate Unit level computers

•VSOE is a method of revenue recognition that enables companies to recognize revenue on specific items on a multi-item sale, based on evidence specific to a company•Utilized VSOE to price-structure software contracts for HPs customers•Research software contracts to determine which software support is leased to HPs customers•Determine if VSOE should be applied to current or new software support contracts