Cyber Security Analyst

Malvern, PA 19355, Not Specified


Employer: Saxon Global
Salary: Competitive
Job type: Full-Time

This is a 12-month contract with Vanguard. 100% remote. All visas - no H1B. EST candidates only. Someone local to PA is best. LinkedIn is a must.

Required Skills - SIEM, cyber security background

Job Profile Summary
  • Perform network and endpoint threat hunting, and create and maintain SIEM correlation rules, reports and dashboards.
  • Provide orchestration and automation for SOC processes, and create and maintain SOC standard operating procedures.
Duties and Responsibilities
  • Partners with IT and business units to create, document and monitor Managed Services statements of work.
  • Ensures detection and mitigation controls are implemented.
  • Responds to violations following incident management processes and reports out to management.
  • Implements security monitoring and documents standard operating procedures for the Incident Management Team.
  • Implements security monitoring rules, reports and dashboards while maintaining best practices to ensure maximum security tool efficiency.
  • Monitors security systems, analyzes events and investigates security-related incidents.
  • Creates Threat Hunting models for Endpoints and Network Traffic.
  • Analyzes endpoint monitoring, including logging, EDR, IPS and DLP tools.
  • Analyzes network monitoring, including IPS, WAF, PCAP and Netflow tools.
  • Focuses on critical systems within the organization's network to detect, respond to and handle incidents related to unauthorized activity, malware, and APTs.
  • Keeps management within the department informed by communicating progress, issues, concerns and opportunities.
  • Assesses and immediately notifies manager of any potential information security breach and security issues that may have a negative impact on business operations.
  • Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise.
  • Maintains an awareness of the department's dashboard and provides suggestions to improve performance.
  • Identifies Tactical Intelligence relevant to the organization's systems.
  • Works with Incident Management and Threat Management to follow incident response procedures to ensure proper detection and mitigation controls.
  • Escalates internal threat issues to the Insider Threat Team.
  • Participates in special projects and performs other duties as assigned.

Skill and Experience
  • Demonstrated initiative and ability to work independently with attention to detail.
  • Experience analyzing endpoint logging, detection, response and forensic tools.
  • Experience creating rules, reports and dashboards in SIEM tools.
  • Knowledge of security administration concepts, theories and practices.
  • Familiarity with enterprise-wide security administration tools.
  • Undergraduate degree in information technology-related field or equivalent combination of training and experience.

Created: 2024-04-30
Reference: SG - 78415
Country: United States
State: Not Specified
City: Malvern, PA 19355