Bash Scripting, Communication Skills, Computer Security, Customer Support/Service, GPEN - GIAC Penetration Tester, Gap Analysis, Identify Issues, Industry Standards, Information Technology & Information Systems, Linux Operating System, Microsoft Windows Operating System, Problem Solving Skills, Python Programming/Scripting Language, Reporting Dashboards, Reporting Skills, Scripting (Scripting Languages), Security Architecture, Security Information and Event Management (SIEM), Technical Support, Telecommunications, Use Cases, Windows PowerShell
Join our team in Columbia, SC, a vibrant city known for its rich history, friendly community, and growing tech scene. We are seeking a highly skilled professional to enhance our security architecture and ensure robust protection for our IT environments.
Daily Duties / Responsibilities
- Preference will be given to candidates who can work onsite, then to hybrid, then to fully remote (on-site as needed).
- Review and tune current detection rules within the State SIEM.
- Perform gap analysis of the current detection coverage.
- Develop detection rules/solutions to cover found gaps.
- Monitor threat intelligence sources for new use cases.
- Work with State SOC analysts to create and tune rules.
- Collaborate with the State Threat Hunter to identify and remediate detection coverage gaps.
- Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.
- Coordinate with engineering, SOC, and agency staff as needed to meet goals.
- Other duties as needed.
Additional Skills and Duties
- Proven experience with detection tuning/development.
- Experience with dashboard creation and reporting.
- Excellent communication and customer service skills for agency-facing engagement.
- Experience in working in a multi-tenancy environment.
- Experience in multi-agency or enterprise service projects.
Preferred Skills (Rank in Order of Importance)
- Experience with the Palo Alto Cortex XSIAM platform.
- Deep understanding of Windows/Linux artifacts.
Required Education/Certifications
- Bachelor's degree in an Information Technology or Information Security related field.
- Eight years of relevant work experience may be substituted for the degree.
- Five years of experience in supporting large IT environments and/or system deployments.
- Five years of experience with scripting and automation (Python, Bash, PowerShell, or similar).
- Understanding of Sigma, YARA, and other industry standard detection languages.
- Familiarity with the MITRE ATT&CK framework.
Preferred Education/Certifications
- CISSP, CISA, CISO or equivalent advanced security certification.
- Additional relevant certifications (e.g., CEH, OSCP, GPEN).
- Vendor certifications in detection engineering.
- Resource is local to Columbia, South Carolina or a surrounding city in South Carolina.
Talent Software Services, Inc.