Woodstock, Georgia
Job Type: Contract
Rate: 100.00
Cyber Content Engineering & Automation Job Opening in Woodstock, Georgia - Cyber Content Engineering & Automation (2 positions) - Remote
USC/GC
The Metropolitan Transportation Authority (MTA) is seeking a highly technical Cyber Automation & Integrations Specialist. This position is a part of the IT Threat Intelligence group within the Cyber Security Operations Center and will be expected to provide direct support to the 24/7 Cyber Security Monitoring group as needed. The responsibilities include, but are not limited to, the following:
API Integrations with various technologies in support of both strategic and tactical Threat Intelligence & Incident Response efforts
Provide direct support for SOAR including design, development, and implementation of Tier 3 playbooks
Identify playbooks that are candidates for automation
Interface with Splunk Administration team and provide guidance on improving logging deficiencies
Design countermeasures and interface with the appropriate internal stakeholder groups
Perform trend analysis of Tier-2 escalated Incidents and identify areas of security defects
Tune existing rules to reduce false-positives and increase alert fidelity
Serve as a subject matter expert in analyzing obfuscated malware code
Assist the Threat Intelligence group in other functions, including:
Incident Response & Forensics
Threat Readiness
Threat Intelligence / Threat Hunting
Skills:
Security Product Administration
SOAR Administration
Understanding of SOC, Threat Intelligence, & Incident Response workflows
Strong Proficiency in coding
Cybersecurity certifications (preferred)
Experience with OT & PCI technologies (preferred)
Minimum requirements:
Bachelor's degree in Computer Science, Information Services, or an IT Security-related field -Or- a satisfactory equivalent with at least 3 years of IT-Security experience.
Minimum of 3 years of experience in Tier 1 & 2 support for a cyber security operations center.
Minimum of 3 years' experience with designing and implementing security content