Area(s) of responsibility
- Stay Informed on Emerging Threats: Continuously monitor the threat landscape and report new vulnerabilities, including the latest CVEs and zero-day vulnerabilities.
- Vulnerability-Based Risk Assessments: Assess the potential impact and likelihood of exploitation of identified vulnerabilities.
- Technical Analysis and Validation: Perform technical analysis and validation of reported vulnerabilities.
- False Positive Identification: Identify and document false positives in scan results.
- Stakeholder Reporting: Present vulnerability reports to stakeholders.
- Remediation Support: Track remediation efforts, train stakeholders on ARMIS-VIPR, support remediation processes, and coordinate exceptions.
- Tenable Monitoring: Monitor the status of the Tenable tooling and recommend corrective actions.
- Security Culture: Train stakeholders on understanding and interpreting vulnerability reports.
- Reporting: Automate reporting dashboards for efficient and accurate reporting.
- Incident and Data Breach Handling: Handle incidents and data breaches, including ransomware and malware attacks.
- Cyber Security Knowledge: Apply knowledge of cyber security frameworks and concepts such as blue teaming, the MITRE ATT&CK matrix, the Cyber Kill Chain, and the NIST CSF.
- Alerts Identification and Incident Triaging: Identify false positives and triage incidents effectively.
- Continuous Learning: Stay updated with the latest trends and developments in cybersecurity.
- Stakeholder Reporting: Present reports to stakeholders effectively.
- Team Collaboration: Be a team player and handle team responsibilities.
- Threat Hunting: Conduct regular and semi-automated threat hunts, review and analyze results.
- Data Analysis: Use data analysis techniques to identify potential threats.
- Report Creation: Create reports for customers and internal operational use on an ongoing basis.
- Broaden Detection Coverage: Identify opportunities to acquire, ingest, and analyze data and logs from additional sources and technologies.
- Malware Analysis: Extend malware analysis capability and execute malware triage.
- Documentation: Create and update documentation to support ongoing operations.
- Collaboration with VM Analysts: Collaborate with Vulnerability Management (VM) Analysts to understand emerging threats and vulnerabilities.
- Research on Cyber Threats: Conduct in-depth research on new and evolving cyber threats, vulnerabilities, and attack techniques.
- Insights for VM Team: Provide insights to the VM team to enhance their ability to detect and respond to emerging threats.
- Collaboration with SOC Analysts: Collaborate with SOC Analysts to monitor and analyze security alerts and events.