Jo1649

Location: Remote (Work@Home)

Schedule: 6am – 6pm CST (it might be within this range).

Duration: Full-Time

Our client is a global leader providing online education, assessment, remediation, certification, and e-learning solutions for the post-secondary academic market specifically serving the nursing, allied health, sports medicine, public safety, and financial services industries. They employ more than 900 employees in 35 states. Their portfolio companies consist of Jones and Bartlett Learning, ATI Nursing Education, the National Healthcare Association, ExamFX, the National Academy of Sports Medicine, Boston Reed, Advanced Informatics, and ClickSafety. 

We are looking for a confident person, should not get nervous easily.  This is a very critical and technical role; we expect this person to walk in the door and be able to own the management of the Mimecast and Cofense Triage & Vision tools and investigate events, phishing, and activity.  

Required Skills:

• Mimecast tool expert, 3 years+ experience administering Mimecast environment with 100s of policies, in-depth understanding of Mimecast Targeted Threat Protection (TTP) policy configurations, and email analysis.
• Cofense Triage & Vision expert, 3 years+ experience building automated playbooks and workflows, in-depth understanding of threat analysis and investigation, including forensic analysis, root cause identification, and response recommendations.
• Proficient in email header analysis for enhancing email security, with expertise in identifying and mitigating threats through detailed examination of header information. Skilled in detecting anomalies, tracing email origins, and understanding routing paths to prevent phishing and spoofing attacks.
• Strong experience & skills performing incident triage and investigating attacks, malware, and suspicious activity at a process, command, and code-level.
• Strong RegEx experience
• Strong Windows OS server infrastructure knowledge
• Technology experience 10+ years, 6+ years of information security
• Excellent English communication skills (written, verbal, and comprehension)
• Confident, energetic, driver, leader mentality
• Extremely detail-oriented
• Passionate about information security
• Good Judgement
• Proactivity
• Advanced problem solver

Experience

• Working in a SOC or providing incident support for a security team
• Leading multi-team incident investigations
• Experience identifying and mitigating web application attacks, C2 beaconing, and/or DPL/Data Exfil.
• Log/protocol analysis, writing RegEx, and experience efficiently analyzing and sifting through thousands of logs to quickly pinpoint/identify suspicious activity.
• Experience with searches in a SIEM (like QRadar or Splunk) and/or an EDR (like Carbon Black, CrowdStrike Falcon).
• Threat hunting in core security tools

Tool Experience

• Mimecast
• Cofense Triage & Vision
• Regex