Lead / Cybersecurity (Threat Detection & Response Analyst) Engineer
Job Title: Lead / Cybersecurity (Threat Detection & Response Analyst) EngineerRemote• Conduct real-time analysis using the SIEM, Cloud, Endpoint and Network based technologies, and other security analytics tools with a focus on identifying security events and false positives. • Correlate intelligence, to develop deeper understandings of tracked threat activity. • Apply basic threat hunting techniques to pivot for given information to known attack patterns, malicious code families, tracked threat groups and other historical information.• Pivot through open-source and internal frameworks for related data associated with potentially malicious Indicators of Compromise (IoCs) and Indicators of Attack (IoAs). • Triage potentially malicious binaries and/or other types of malware, including familiarity with basic to intermediate static/dynamic analysis techniques. • Prepare and report risk analysis and threat findings to appropriate stakeholders. • Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation.• Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise. • Script basic tasks with high-level scripting languages, such as Python or PowerShell. • Threat Detection & Response Playbook Development, Standard Operating Procedures, Amtrak ITSM Cyber Incident Management and Handling Playbook Development, Non-Cyber & Physical Incident Playbook Development Apply tot his job