CyberSecurity Analyst - Hash Technologies

Demonstrate solid understanding & experience with security controls/tooling used by CDOC, including:

o Splunk and Elasticsearch (SIEM/Logging)

o Splunk SOAR (Case Management)

o Endpoint Security: Microsoft Defender for Endpoint, CrowdStrike, Wazuh, & Tanium

o Network Security: Netskope SWG and CASB, Palo Alto IPS, CloudFlare WAF, Extrahop, & NetWitness

o IAM: Azure AD

o Intermediate knowledge of Public Cloud environments to support AWS & GCP threat response

1. Strong understanding of networking & a variety of IT systems, apps, & their operational configurations

2. Knowledge of Threat Actor tactics, techniques, and procedures (TTPs), log analysis, network traffic analysis, and analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise