Dovel Technologies, Inc

IT Security Engineer - Lead

Dovel Technologies, Inc, Atlanta, Georgia, United States, 30383


locations:

* US - GA, Atlanta
* US - Remote (Any location)

This position plays a pivotal role within the Information Security Operations group, which is dedicated to supporting Security Operations and Incident Management/Response processes, SIEM engineering, Threat Hunting, Automation, Cyber Architecture, and Threat Intelligence. You will mentor and work with SOC analysts to increase their knowledge of and skill with detection techniques and other SecOps technologies. You may also participate in IT Security projects to enhance IT Security capabilities, improve monitoring coverage, and drive detection and threat hunting efforts, leading to an overall improvement of the enterprise cybersecurity posture.

The successful candidate applies technical knowledge and experience to drive innovation and performance improvement while demonstrating critical thinking, problem solving, and sound logic when assessing problems and opportunities and generating solutions. This position reports to the IT Security Information Protection Associate Director.

* Knowledge of cybersecurity concepts and network/web protocols
* Experience with one or more of SIEMs, SOAR technologies, building/maintaining IR tools and processes, programming/scripting, threat hunting, log ingestion, and SIEM detection engineering/tuning
* Demonstrates effective written and verbal communication skills; clearly and concisely conveys complex messages to the IT Security Operations team and leadership; effectively presents facts and recommendations
* Promotes the development of new technical knowledge and skills within the IT Security Operations team
* Bachelor's degree plus 6 years of experience; OR 10+ years of experience in lieu of a degree
* Experience supporting Microsoft Windows operating systems
* Knowledge of the MITRE ATT&CK framework
* Experience working with Security Operation Centers, physically or virtually
* Experience executing processes and procedures in compliance with required NIST, regulatory, and IT standards
* Experience using a SIEM, such as Splunk, to analyze security anomalies and events, developing queries with Search Processing Language (SPL) or Kusto Query Language (KQL)
* Action-oriented and able to manage and meet aggressive timelines and deadlines
* Must have excellent organizational and time management skills
* Working knowledge of NIST SP 800-171, NIST 800-61, and NIST SP 800-53
* Experience in one or more of application security, security architecture, security code reviews, security/pen-testing, cloud security, cyber threat intelligence, incident response, or security infrastructure
* Experience interpreting vulnerability scan data and CVEs, and assessing and responding to vulnerabilities, including a foundational understanding of risk management
* Demonstrated knowledge of adversary TTPs (Tactics, Techniques and Procedures)
* Experience working with Executive Leadership
* Experience working with firewalls/web application firewalls, implementing changes, and monitoring status
* Experience conducting Incident Response and Security Investigations
* Working knowledge of Active Directory, Exchange, SharePoint, and Teams

* Medical, Rx, Dental & Vision Insurance
* Personal and Family Sick Time & Company Paid Holidays
* Position may be eligible for a discretionary variable incentive bonus
* Parental Leave and Adoption Assistance
* 401(k) Retirement Plan
* Basic Life & Supplemental Life
* Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
* Short-Term & Long-Term Disability
* Student Loan PayDown
* Tuition Reimbursement, Personal Development & Learning Opportunities
* Skills Development & Certifications
* Employee Referral Program
* Corporate Sponsored Events & Community Outreach
* Emergency Back-Up Childcare Program
* Mobility Stipend