San Antonio, TX, USA
Years / Required or Preferred / Experience

5 years, Required: SOC operations experience.
5 years, Required: Hands-on experience with IDS/IPS platforms, specifically Cisco Firepower and TippingPoint, including signature tuning, false-positive reduction, and threat-driven detection improvements.
5 years, Required: Advanced packet capture (pcap) and network analysis skills using Corelight, NetWitness, and Cribl pipelines to identify anomalies, malicious traffic, and lateral movement.
5 years, Required: Experience maintaining and tuning EDR platforms, including CrowdStrike Falcon and SentinelOne, and integrating EDR telemetry into SIEM and orchestration workflows.
5 years, Required: Threat intelligence application expertise.
5 years, Required: Develop detection logic aligned with adversary TTPs.
6 years, Preferred: Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic.
5 years, Preferred: Perform packet-level analysis to validate alerts and identify malicious activity.
5 years, Preferred: Serve as an escalation point for other SOC analysts and incident responders, supplying enriched network-level intelligence.
5 years, Preferred: Proficiency with Google SecOps and Cyware (SOAR) orchestration, including building automated workflows that integrate SIEM, IDS/IPS, EDR (CrowdStrike, SentinelOne), threat intelligence, and Jira ticketing for SOC automation.
4 years, Preferred: Security certifications preferred (CISSP, CEH, GISF, GSEC, CySA+, Security+).
Any Graduate