Job Opportunity

Chris Jenks, an EMU/IA graduate, notified us of an opening in a CIRT/SOC in Troy, MI. Please see below. If you are interested, please contact Chris directly.

CIRT Event Analyst

Summary of Job Description:

As an Analyst or Handler in our Security Operation Center, you will provide vital Cyber Security Incident Handling to our organization; review and validate emerging threats, follow established methodologies, recommend and assist with process improvement, identify new capabilities, and assist in identifying new and existing adversary capability.

Duties and Responsibilities:

Review security-related events, assessing risk and validity, as well as reporting
Analyze host-based indicators of compromise or network traffic to assist in generating new attack signatures
Analyze additional log, forensic, malware or other IR-related data, as needed

Required Technical Skills:

Understanding of Windows operating systems and command line tools, network protocols, TCP/IP fundamentals
Knowledge of network protocols, TCP/IP fundamentals, OSI Model
Knowledge of network based services and client/server applications, HTTP, HTTPS, DNS, DHCP, FTP, SMTP, etc.
Familiarity with analyzing logs

Other Required Skills:

Ability to successfully communicate and collaborate with other departments
Ability to document and explain technical details clearly and concisely
Willingness to learn and willingness to also share knowledge

Additional Skills that Will Differentiate Candidates:

Experience with programming/scripting languages
Background in operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services)
Background performing incident response and digital forensics
Experience in config/mgmt of feeds into event aggregation and correlation systems (e.g., Security Analytics, Splunk, ArcSight)
Experience with improvement of analyst effectiveness by optimizing signature quality in collaboration with other analysts and developers
Background in systems administration for Windows and/or *nix based environments
Familiarity with host based security tools (e.g., EnCase, Forensic Toolkit, ECAT, Volatility, Memory Forensics)

Past Experience:

Network Engineering/Architect – Routers, Switches, TCP/IP, OSI Model, etc.
Network Administration – Windows Firewall, Windows Registry, *nix administration (any)
Network Security – IPS, IDS, Firewall, Host IDS, End Point Security, Content Filtering, etc.
Services: HTTP, HTTPS, DNS, DHCP, FTP, SMTP, etc.

BS or equivalent degree in Computer Science or related technical discipline, related certifications or experience.

Desirable Certifications:
