other
Added May 1SecOps Expert
at SKALE Labs
New York Usa, United StatesOn-site
Responsibilities
- Guide the team: Provide expert advice and support to the team on complex security matters.
- Manage threats: Quickly identify breach attempts, contain and eradicate threats, and streamline incident response processes.
- Drive continuous improvement: Continuously test our security controls and leverage threat intelligence to help the business make informed decisions.
- Perform host-based analysis, artifact analysis, and malware analysis in support of security investigations and incident response.
- Coordinate investigation, containment, and other response activities with business stakeholders and groups.
- Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
- Recommend or develop new detection logic and tune existing sensors/security controls, incorporating machine learning models to reduce false positives and improve detection efficacy.
Requirements
- The world of digital assets is accelerating in speed, magnitude, and complexity, opening the door to new ways for leveraging the blockchain.
- Leverage AI & ML: Use Machine Learning and Generative AI to automate workflows and build intelligent, proactive security solutions.
- Responsibilities Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans, leveraging AI-driven insights for faster context gathering and alert prioritization.
- Work with security solutions owners to assess existing security solutions' ability to detect/mitigate advanced TTPs, identifying opportunities to augment traditional controls with AI-based defenses.
- experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) creating, escalating, and managing security incidents, utilizing both traditional and AI-augmented SOC tools .
- Managing low to high-risk cybersecurity alerts, and incidents, leveraging ML&AI-based anomaly detection for efficient monitoring and analysis, and responding to security threats.
- 3+ years of working with security tools such as SIEM, Analytics & Intelligence, Intrusion Detection, Malware detection, Data Loss Protection, and Identity & Access Management Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure) Solid understanding of system and security controls on at least two OSs (Windows, Linux / Unix, and MacOS (Advantage), including host-based forensics and