Senior Cybersecurity Engineer (16659)
Key Duties and Responsibilities
- Oversee and ensure successful execution of all configuration, implementation and maintenance of host-based firewalls, intrusion prevention system (IPS), anti-virus (AV) software, SELinux, network firewalls, IPS, SIEMs and proxies
- Develop Standard Operating Procedures (SOPs) for various security tools utilized within the environment
- Oversee and ensure the successful development and deployment of countermeasures for network and host systems based on open source intelligence (OSINT) or behavioral analysis
- Monitor, tune and implement countermeasures in various security tools such as Trellix ePO, Palo Alto and QRadar
- Perform incident response and follow chain of custody processes during investigations
- Characterize and analyze network/host traffic to identify anomalous activity and potential threats to company resources
- Lead and perform malware analysis and reverse engineering of suspicious files
- Configure, implement, administer and maintain data loss prevention (DLP) solutions
- Lead and perform basic vulnerability/penetration testing upon request from the Directory of Cybersecurity
- Document cyber response findings and present them to leadership in a clear, concise manner