Cloud Incident Response Analyst
Security Clearance Type:
Contract to hire
Seneca’s client is looking to hire a Cloud Incident Analyst. This person provides cybersecurity monitoring and incident response to a Cabinet-level federal agency. Conducts network monitoring and incident response supporting the client's 24x7x365 operations. Contributes to a team of information assurance professionals working with Intrusion Detection Systems (IDS) software and hardware, analyzing IDS data, writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe.
This position supports the Department of State's Computer Incident Response Team (CIRT) in providing continuous monitoring and ticket processing for a structured incident response process.
- Understanding of Static and Dynamic Malware analysis tools and techniques
- Ability to identify and communicate remediation steps for cybersecurity events
- Significant experience managing cases with enterprise SIEM systems like Splunk
- Expert Knowledge in Cloud computing and cloud technologies
- Cloud Access Security Broker (CASB) or similar experience securing SaaS offerings such as O365, Google Apps, and other cloud vendors.
- Handle cloud based security incidents from identification through containment, eradication, recovery, and reporting
- In-depth knowledge of both Amazon Web Services (AWS) and Azure, including networking and serverless services such as Lambda or Functions.
- Knowledgeable in hybrid cloud deployments and federated identities.
- Develop and streamline resource log collection and management tools across multiple Cloud Service Providers and on-premises hybrid environments.
- Experience in implementing security infrastructure and ecosystems utilizing APIs and event driven security response.
- Knowledge and understanding of application hosting, with experience using Cloud Services in an Infrastructure as a Service (IaaS) or Platform as a Service (PaaS) environment.
- Programming/scripting experience in C++, Bash, Python, PowerShell within an Agile development environment.
- Must possess the ability to assess architecture and current system limitations.
- Expertise with one or more of the following tools:
  - Security Compliance Center
  - Windows Defender ATP
- Expert understanding of network protocols and packet analysis tools.
- Deep understanding of Windows and Linux operating system network behavior.
- Expert ability to recognize potential intrusion attempts and compromises through analyses of relevant event logs.
- Expertise leveraging situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
- Be able to author Standard Operating Procedures (SOPs) and training documentation when needed.
- The ability to take lead on incident research and response.
- Provides correlation and trending of cyber incident activity.
- Willingness to mentor and teach junior and mid-level analysts.
- Communicate up, down, and across all levels of the organization and technical backgrounds.
- Be able to provide timely and relevant security reports.
One or more certifications, including but not limited to: CCSP, CCSK, AWS certified security specialty, Microsoft Azure Security Engineer, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security) or equivalent.
About Seneca Resources:
Seneca Resources is a client-driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. Seneca Resources is a leading IT services provider with offices in Alabama, Texas, Georgia, Pennsylvania & Virginia that service clients throughout the United States. The key to our success lies within our strong corporate culture which drives our business. We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement. In turn, we look for only the best and brightest to join our team.
We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.