Atrilogy is seeking a Cloud Technical Analyst - Cyber Threat Detection (100% Remote) for a full-time permanent opportunity with their direct client in Alpharetta, GA.
Cloud Technical Analyst - Cyber Threat Detection
Location : Alpharetta, GA (This is 100% remote)
Duration : Full Time
The Cyber Threat Detection – Cloud Analyst role will be responsible for the management and enhancement of globally deployed security sensor and SIEM rulesets and configurations in response to project and mission demands. This role will work closely with Cyber Threat Intelligence, Incident Response, and monitoring analysts to define and tune rules and device security policies to meet mission requirements.
- Cyber Threat Detection
- Active Directory
- Office 365
Essential Functions of the job:
- Implement and tune detection methodologies across the MITRE ATT&CK framework on Azure Security Center, Cloud App Security, MS Sentinel, and other cloud products.
- Responsible for creating, tuning and enhancing security policies on SIEM, IDS, EDR, and full packet capture tools, with a significant focus on Cloud Security
- Work with project teams to design, implement, and distribute monitoring policies
- Provide the Cyber Defense team guidance on Cyber threat detection best practices, technical requirements and integration
- Develop and maintain expertise in a wide variety of technology platforms, threat vectors, and threat actors and communicate it to non-technical and technical personnel
- Manage and improve information security documentation as required
- Work with other operational teams to resolve incidents and report on events
- Provide support during investigations and hunt missions when required
- Work with Information Security teams to manage and maintain security posture.
To qualify for the role, you must have:
- Ability to show analytical expertise, strict attention to detail, excellent critical thinking, logic, and solution orientation, and learn and adapt quickly
- Ability to be comfortable with briefing managers and C-suite level audiences
- Demonstrated integrity in a professional environment
- Knowledge of standard change management procedures
- Excellent teaming skills with domestic and internationally located teams
- Excellent ability at building relationships with other organizational groups
- Promote a security-first mindset, ensuring decisions are made without compromising core security objectives
- 6+ years of relevant experience in one or more of the following areas: cloud technologies and platforms, threat intelligence, intrusion analysis, incident response, malware analysis, security and network operations, or similar roles.
- Knowledge of cloud-based security authentication & directory methodologies (AzureAD, AWS Directory Services, etc.)
- Experience with ASC, MCAS, Azure IDP, PIM, including policy modification & custom rule creation
- Competency working with all layers of cloud environment (IaaS, SaaS, PaaS)
- Applied knowledge of cloud-based enterprise systems architecture
- Direct experience working with cloud computing tools & technologies with a focus on security fundamentals (Azure, AWS, etc.)
- Conceptual understanding of IDS rules including common standards like Snort and Yara
- High competency on IP networking technology, to include addressing, routing, common protocol usage, use of proxies, load balancers, firewalls, routers, and switches in network architecture.
- Demonstrated understanding of the threat intelligence life cycle, network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- Some hands-on experience as an administrator configuring one or more of SIEM, Endpoint Protection, Vulnerability Scanners, or Data Loss Prevention, sufficient to make common changes unassisted.
- Demonstrated hands-on experience analyzing high volumes of logs, network data and other attack artifacts
- Proficient with one or more scripting languages such as Perl, Python, PowerShell etc. in a threat intelligence or incident response environment
- Experience with Splunk and Splunk Enterprise Security or ELK
For immediate consideration please submit your resume in Word format, along with daytime contact information. LOCAL CANDIDATES ONLY PLEASE unless you are willing to relocate yourself at your own expense. Client is unable to provide H-1B Visa sponsorship at this time.
All submittals will be treated confidentially. Selected candidate may be asked to pass a comprehensive background, credit and/or drug screening. Principals only, no third parties please.
Atrilogy Solutions Group, Inc. (est. 2000), in partnership with Peak17 Consulting (est. 2008), provides organizations of all sizes with high-quality, cost effective information technology (IT) staffing services.
Atrilogy has been recognized by Inc. magazine as one of the nation’s fastest-growing, privately held companies. Headquartered in Irvine, California, Atrilogy also has offices in Denver, Phoenix, & Atlanta with satellite offices in Boston, Jersey City, Las Vegas, and Delhi, India.
Clients turn to Atrilogy for expertise in:
- IT staffing and placement such as Project Managers, Agile/Scrum Masters, Business Analysts, DBAs, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists, ERP, CRM, Business Intelligence, Data Warehousing, Big Data and Creative (UI/UX, Web Design)
Clients turn to Peak17 for expertise in:
- Operational staffing and placement of Accounting/Finance, Human Resources, and Marketing professionals, as well as Information Technology resources.
Atrilogy Solutions Group and Peak17 Consulting are Equal Opportunity Employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.