Technical Lead-Cybersecurity

Overview

Area(s) of responsibility

• Stay Informed on Emerging Threats: Continuously monitor the threat landscape and report new vulnerabilities, including the latest CVEs and zero-day vulnerabilities.
• Perform vulnerability-based risk assessments: Assess the potential impact and probability of identified vulnerabilities.
• Performs technical analysis and validation of vulnerabilities
• Identify false positive
• Report presentation to stakeholders
• Remediation Support: Track remediation efforts, train stakeholders on ARMIS-VIPR, support remediation processes, and coordinate exceptions.
• Monitor Tenable Tool status and recommend corrective actions.
• Security Culture: Train stakeholders on understanding and interpreting vulnerability reports.
• Reporting: Automate reporting dashboards for efficient and accurate reporting.
• Incident and Data Breach Handling: Handle incidents and data breaches, including ransomware and malware attacks.
• Cyber Security Knowledge: Apply knowledge in cyber security frameworks such as Blue Teaming, MITRE ATT&CK Matrix, Cyber Kill Chain, and NIST CSF.
• Alerts Identification and Incident Triaging: Identify false positives and triage incidents effectively.
• Continuous Learning: Stay updated with the latest trends and developments in cybersecurity.
• Stakeholder Reporting: Present reports to stakeholders effectively.
• Team Collaboration: Be a team player and handle team responsibilities.
• Threat Hunting: Conduct regular and semi-automated threat hunts, review and analyze results.
• Data Analysis: Use data analysis techniques to identify potential threats.
• Report Creation: Create reports for customers and internal operational use on an ongoing basis.
• Broaden Detection Coverage: Identify opportunities to acquire, ingest, and analyze data and logs from additional sources and technologies.
• Malware Analysis: Extend malware analysis capability and execute malware triage.
• Documentation: Create and update documentation to support ongoing operations.
• Collaboration with VM Analysts: Collaborate with Vulnerability Management (VM) Analysts to understand emerging threats and vulnerabilities.
• Research on Cyber Threats: Conduct in-depth research on new and evolving cyber threats, vulnerabilities, and attack techniques.
• Insights for VM Team: Provide insights to the VM team to enhance their ability to detect and respond to emerging threats.
• Collaboration with SOC Analysts: Collaborate with SOC Analysts to monitor and analyze security alerts and events.