Cyber Incident Handling Analyst

1 month ago


Wiesbaden, Germany, SOS International LLC, Full-time

Overview

SOS International LLC (SOSi) is seeking a Cyber Incident Handling Analyst to support our customer in Wiesbaden, Germany. The Cyber Incident Handler will perform analysis of cyber-related events to detect and deter malicious actors using SIEM technologies, which correlate multiple security tool alerts and logs.

Essential Job Duties

  • Work as a member of the Cyber Incident Response Operations Team to increase the security posture of the customer's network.

  • Monitor SIEM platforms for alerts, events, and rules providing insight into malicious activities and/or security posture violations.

  • Review intrusion detection system alerts for anomalies that may pose a threat to the customer's network.

  • Identify and investigate vulnerabilities, assess exploit potential, and suggest analytics for automation in the SIEM engines.

  • Report events through the incident handling process of creating incident tickets for deeper analysis and triage activities.

  • Coordinate and distribute directives, vulnerability advisories, and threat advisories to identified consumers.

  • Issue triage steps to local touch labor organizations and Army units to mitigate or collect on-site data.

  • Perform post-intrusion analysis to determine shortfalls in the incident detection methods.

  • Develop unique queries and rules in the SIEM platforms to further detection for first line cyber defenders.

  • Monitor the status of the intrusion detection system for proper alert reporting and system status.

  • Respond to the higher headquarters on incidents and daily reports.

  • Provide daily updates to Defensive Cyber Operations staff on intrusion detection operation and trends of events causing incidents.

  • Prepare charts and diagrams to assist in metrics analysis and problem evaluation, and submit recommendations for data mining and analytical solutions.

  • Draft reports of vulnerabilities to increase customer situational awareness and improve the customer's cyber security posture.

  • Assist all sections of the Defensive Cyber Operations team as required in performing analysis and other duties as assigned.

  • May perform documentation and vetting of identified vulnerabilities for operational use.

  • May prepare and present technical reports and briefings.

  • Utilize a solid understanding of networking ports and protocols, their uses, and their potential misuses.

Minimum Requirements

  • An active, in-scope Top Secret/SCI clearance is required.

  • Bachelor's in a related discipline +3, AS +7, major certification +7, or 11+ years of specialized experience.

  • Must meet DoD 8140 DCWF 531 requirements (B.S., GCFA, GCIA, CCSP, CEH, CFR, Cloud+, CySA+, GCED, GICSP, or PenTest+).

  • Must meet DoD 8140 DCWF 511 requirements (B.S., GCFA, GCIA, CFR, Cloud+, CySA+, GCED, or PenTest+).

  • Must have one of the following certifications (Cisco CyberOps Professional, GCED, GCFA, GCFE, GCIH, GNFA, DCITA CIRC, FIWE, or Offensive Security OSDA).

  • Must have a full, complete, and in-depth understanding of all aspects of Defensive Cyber Operations.

  • Must have a good breadth of knowledge of common ports and protocols of system and network services.

  • Experience with packet captures and analyzing network packets.

  • Experience with intrusion detection systems such as Snort, Suricata, and/or Zeek.

  • Experience with SIEM systems such as Splunk and/or ArcSight.

  • Must have the demonstrated ability to communicate with a variety of stakeholders in a variety of formats.

  • Must be able to obtain certification as a Technical Expert by the German Government under the Technical Expert Status Accreditation (TESA) process.

Preferred Qualifications

  • Bachelor's degree in Engineering, Computer Science, or Mathematics.

  • Experience with writing Snort or Suricata IDS rules.

  • Experience with writing complex Splunk SPL queries to correlate lookup tables with event logs to identify anomalies.

  • Experience with analyzing packets using Arkime or Wireshark.

  • Experience with Microsoft Windows event IDs.

  • Experience with Linux audit log analysis.

  • Familiarity with Git and VS Code.

  • Experience with one or more scripting languages such as PowerShell, Bash, Python.

Work Environment

  • Normal office conditions.

  • Potential to work on multiple shifts in a rotation schedule covering a 24/7/365 mission.

  • On site in Wiesbaden, Germany.

SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.