Corinth Consulting GroupRemote
SADOM Analyst
United States
Full Time
10 hours ago
$105,000 - $120,000 USD
No H1B
Key skills
AnsibleAWSChefCloudPowerShellCloudWatch
About this role
Role Overview
- Operate and maintain security configurations and applications supporting incident response with 24x7 availability
- Provide 12x5 operational expertise for integration, deployment, recapitalization, operations, and maintenance of security technologies
- Develop, deploy, test, patch, upgrade, and optimize security incident response tools and devices
- Perform full-scope administration of SecOps tools, including configuration, access management, and system optimization
- Create and maintain procedures and technical documentation for SecOps hardware and software
- Use configuration management tools (e.g., Ansible, Chef, PowerShell) to manage and maintain systems
- Manage, implement, and tune signature sets across multiple monitoring technologies to maximize detection accuracy and minimize false positives
- Document all tuning activities in the Tools Tuning Activities Log
- Implement approved access requests, conduct user recertification, and remove unauthorized users from SecOps tools
- Assist stakeholders with tool access, reporting, queries, and continuous monitoring processes
- Support security tools hosted both on-premises and in cloud environments
Requirements
- At least two (2) active certifications, such as: CompTIA A+, Network+, Security+, ISC2 CISSP or other comparable certifications (subject to approval)
- Bachelor’s degree or Minimum three (3) years of experience in incident detection and response
- Minimum three (3) years of experience in one or more of the following: Systems administration, Database administration, Network engineering, Software engineering or development
- Ability to obtain and maintain the required security clearance based on work location
- Experience with a combination of the following tools is required: FireEye HX, Cisco ThreatGrid, Cisco Stealthwatch, Teramind, Exabeam, AWS CloudWatch, Swimlane, Tenable.io, Malware Information Sharing Platform (MISP)
Tech Stack
- Ansible
- AWS
- Chef
- Cloud
Benefits
- Multiple medical plan options
- Dental and vision coverage
- Health savings and flexible spending accounts
- Employer-sponsored life and disability insurance
- Access to wellness and health advocacy resources
- 401(k) retirement savings plan with company match and immediate vesting
- Paid holidays
- Paid time off (PTO)
- Sick leave
- Paid volunteer time
- Parental leave
- Other leave programs
- Employee Assistance Program (EAP) offering confidential counseling and support services
- Professional development and training opportunities