SC Works IT Jobs

SC Works Logo
Home View All Jobs (3,216)

Job Information

Spinvi Cloud Threat Development Analyst in North Charleston, South Carolina

The candidate(s) will be the organization’s technical analyst that will assess required Defensive Cyber Operations (DCO) capabilities in multiple cloud environments (O365, Azure, AWS, Oracle) and develop appropriate detection measures in a mixed Elastic and Splunk environment. The candidate will perform analysis of available cloud environment data feeds, network monitoring and filtering systems (inc. IDS/IPS), and endpoint protection platforms in order to develop unified detection measures. Ensuring the rigorous application of information security/information assurance policies, principles, and practices. Experience with user associated DoD security practices.

Responsibilities:

  • Use Network, Host and Cloud Based data to drive detection, monitoring, and response capabilities

  • Create detection analytics based off the MITRE ATT&CK Framework and other security frameworks

  • Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs)

  • Provide assistance to the Ops team in response to incidents by analyzing host behavior and network traffic

Requirements

Qualifications:

  • Minimum 3-5 years of comparable experience performing Incident Response, Forensics, Malware Analysis, or Penetration Testing

  • 5-7 years of experience if no degree

  • Experience with Cloud monitoring tools preferred (AWS, Azure)

  • Linux administration experience preferred (Redhat)

  • Must be proficient in at least three of the following disciplines:

  • Network traffic analysis and host based log analysis

  • Comprehensive understanding of enterprise Windows security (Active Directory)

  • Static and Dynamic malware analysis

  • Practical knowledge in at least one scripting or development language (e.g. PowerShell or Python)

  • Must have working familiarity with two of the following products:

  • Splunk

  • Elastic

  • Carbon Black Response

  • Fidelis Network

Preferred Education:

  • Bachelor’s degree or higher from accredited university/technical college in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline

Required Skills:

  • Strong written and verbal communication skills

  • Strong understanding of common enterprise technologies

  • Ability to convey extremely technical concepts to audiences with varying technical understanding

Certifications:

  • 8570 Classification IAT –II

Clearance Required:

  • Minimum of a Secret Clearance, with ability to obtain TS/SCI.

Additional Information:

  • Authorized to view audit records on Central Log Server

  • Authorized to view alerts of IDS/IPS

  • Authorized to modify auditable events on Central Log Server

  • Overtime may be required as needed to support incident response actions (Surge)

  • Up to 15% Travel may be required

Benefits

  • Long Term Disability

  • Basic Life Insurance

  • Basic Accidental Death & Dismemberment Insurance

  • Direct Payroll Deposit

  • Leave Accrual

  • Holidays

Optional Benefits

  • Short Term Disability

  • Additional (Voluntary) Life Insurance

  • Additional (Voluntary) AD&D Insurance

  • 401(k)

  • Medical Coverage

  • Dental Coverage

  • Vision Care Plan

  • Flexible Spending Account Plan

  • Online Training

  • AFLAC Supplementary Insurances

AAP/EEO Statement

Core4ce is an Equal Opportunity Employer. Core4ce does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.

Core4ce provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Core4ce complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Core4ce expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Core4ce’s employees to perform their job duties may result in discipline up to and including discharge.

Reasonable Accommodation Statement

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to HR@Core4ce.com. (Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment)

DirectEmployers