As a Security Specialist, you will serve as a senior member of the Security Operations Center, responsible for handling the most complex and sensitive security incidents. You will lead threat hunting initiatives, perform deep malware and forensic analysis, and manage escalated investigations. Your expertise will be critical in identifying advanced persistent threats (APTs), insider threats, and anomalies through User and Entity Behavior Analytics (UEBA).
Key Responsibilities:
- Proactively perform threat hunting searches for hidden threats using hypothesis-driven techniques and advanced analytics.
- Reverse engineer malware samples, identify indicators of compromise (IOCs), and develop detection signatures.
- Conduct forensic investigations on endpoints, servers, and cloud environments to support incident response and legal proceedings.
- Handle advanced investigations escalated from Tier 1 and Tier 2 analysts, ensuring thorough analysis and resolution.
- Analyze user and entity behavior to detect anomalies and potential insider threats.
- Handle high-impact or confidential investigations with discretion and rigor.
- Act as an SME for critical incidents, coordinating containment, eradication, and recovery efforts.
- Enhance detection and response capabilities by developing custom rules and scripts.
- Create detailed investigation reports, threat intelligence briefs, and post-incident reviews.
- Work closely with threat intelligence, vulnerability management, and compliance teams to strengthen overall security posture.
Requirements:
Education & Certifications:
- Bachelor's degree in Cybersecurity, Computer Science, or related field.
- Certifications such as CISSP, GCFA, or GREM preferred.
Experience:
- 5+ years in security incident analysis roles with at least 2 years in Tier 3 or advanced threat detection roles.
- Proven experience in threat hunting, malware analysis, and digital forensics.
- Proficiency with SIEM platforms, EDR tools, and forensic tools (e.g., EnCase, FTK).
- Strong scripting skills (Python, PowerShell, Bash).
- Familiarity with MITRE ATT&CK framework and threat intelligence platforms.
- Experience with UEBA technologies and behavioral analytics.
- Strong analytical and problem-solving abilities.
- Excellent communication and documentation skills.
- Ability to handle sensitive investigations with integrity and discretion.