Deputy Attack Sensor & Warning Lead


Job Description:

The Deputy AS&W Lead is responsible for support daily operations and act as the AS&W Lead when needed. The Deputy AS&W Lead will assist the AS&W Lead with developing and maintaining SOPs and Playbooks for AS&W operations, onboarding, and training of new AS&W analysts, and supporting operations as needed. The Deputy AS&W lead will attend evening shift change and help to ensure night shift is up to date with all processes and procedures, as well as help to address / relay any issues or concerns that the night shift may have. Quality Control for alerting, investigations, and analysis is also a key responsibility for the

Deputy AS&W Lead.

Required skills/experience/duties:
oSplunk / SIEM experience
oFamiliar with splunk queries and commands
oAbility to query Splunk indexes to triage and analyze security events
oTanium experience
oSOAR platform experience
oECOP case management experience
oDigital Guardian experience
•Triaging alerts / security events to determine if they are true positive / false positive / require more in-depth analysis
oSplunk ES Alerts
oCrowdstrike Alerts
•Perform analysis and triage alerts from any tool / source and determine any risk
•Identify events that qualify as an incident or require additional analysis from CIRT
•Tunning Requests
oIdentify items that require tuning to improve alert fidelity
•Pulling Reports
oReview of analysts performace
oProcess / procedure improvement
•QA/QC of contract deliverables, analyst analysis, and investigations
•Senior peer review of standardized customer reporting criteria to ensure correctness
•Tool GAP Analysis
•Email Trace and Purge

Additional Requirements:
•Bachelors Degree and 4 to 8 years of prior relevant experience.
•SEC+ certification.
•CEH certification.

Pay Range: